Security News > 2021 > May > DarkSide ransomware group suffers setbacks following Colonial Pipeline attack
The ransomware group that targeted Colonial Pipeline may be regretting its attack in the wake of reprisals from both the U.S. government and the ransomware community.
Last week, the U.S. government in the form of the FBI pointed the finger at DarkSide as the culprit behind the pipeline ransomware attack.
Speaking about the pipeline attack last Thursday and ransomware groups in general, President Biden said that the U.S. is "Going to pursue a measure to disrupt their ability to operate." He also mentioned a new Justice Department task force "Dedicated to prosecuting ransomware hackers to the full extent of the law." The president added that he doesn't think the Russian government was behind the attack but does believe that the people behind the attack live in Russia.
This new focus on combating ransomware and the repercussions of attacking critical infrastructure has put DarkSide in hot water within the ransomware community, creating a chain of events that has affected other groups as well.
On May 13, the XSS forum, which operates as a underground Russian-language cybercrime platform, announced that it would ban all ransomware activities on its forum, including ransomware affiliate programs, ransomware for rent and the sale of ransomware software.
The decision to ban further activity was based on ideological differences between the forum and ransomware operators as well as the media attention from high-profile ransomware incidents, the administrator of XSS said.
News URL
Related news
- Keytronic reports losses of over $17 million after ransomware attack (source)
- UK health services call-handling vendor faces $7.7M fine over 2022 ransomware attack (source)
- McLaren hospitals disruption linked to INC ransomware attack (source)
- Six ransomware gangs behind over 50% of 2024 attacks (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)
- Most ransomware attacks occur between 1 a.m. and 5 a.m. (source)
- New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data (source)
- Lateral movement: Clearest sign of unfolding ransomware attack (source)