Security News > 2021 > May > DarkSide ransomware will now vet targets after pipeline cyberattack
The DarkSide ransomware gang posted a new "Press release" today stating that they are apolitical and will vet all targets before they are attacked.
Today, the DarkSide ransomware gang issued a press statement stating that their organization is 'apolitical' and is not associated with any government.
As Iran is on the US sanctions list, this caused ransomware negotiation firms, such as Coveware, to put DarkSide on their restricted list and no longer negotiate ransom payment for this operation.
"It is probable that a portion of the proceeds from any prospective ransom payment to DarkSide would be used to pay services providers within Iran. Accordingly, we have placed DarkSide on our restricted list," Coveware CEO Bill Siegel told BleepingComputer.
With Colonial Pipeline, DarkSide went too far and is now in the crosshairs of US law enforcement.
It would not be surprising if DarkSide releases the Colonial Pipeline decryption keys for free and does not leak the data for the pipeline as a gesture of goodwill.