Despite their semi-public presence, it seems that ransoming a company that provides fuel to most of the eastern seaboard drew a little too much heat for the Colonial Pipeline hackers. Cybercrime researchers Intel 471 are reporting that the ransomware group Darkside has essentially ceased operations after it appears its technology infrastructure was disrupted or dismantled and as much as $5M in crypto currency was seized by unnamed law enforcement entities.
Chalk one up for the “Good Guys”?
In a statement published in Russian to its “affiliates” Darkside wrote:
A couple of hours ago, we lost access to the public part of our infrastructure…
The hosting support service doesn’t provide any information except “at the request of law enforcement authorities.” In addition, a couple of hours after the seizure, funds from the payment server (belonging to us and our clients) were withdrawn to an unknown account.
In view of the above and due to the pressure from the US, the affiliate program is closed. Stay safe and good luck.
The landing page, servers, and other resources will be taken down within 48 hours.
The moral underground? Ransomware operators retreat… | Intel471.com
In case you missed it, Darkside was presenting themselves as a Software-as-a-Service (SaaS) company but instead of offering cloud-based email or data processing or point-of-sales, dark web shoppers could get access to a turn-key Ransomware platform they could turn loose on their own “customer base.” According to some estimates, Darkside netted nearly $90M in cryptocurrency fees paid by its clients over the course of its relatively short life, and it seems other outfits who shared a similar business model were also equally successful. Fortunately for the rest of us who are trying to make money without committing crimes, when the RaaS purveyors also adopted other more traditional trappings of the business world, namely centralized infrastructure and fee collection, they created a target that law enforcement could leverage to dismantle their operations.
While eliminating these highly-visible (relatively speaking) threats should be taken as a positive, you can bet that other operators are taking notes and learning lessons from their fallen brethren who have encouraged their successors to maybe avoid instead of seeking the limelight. As we all know, scaling in the business world definitely means more profits, but you’ve got to be ready for the scrutiny that comes with it. Selling software is an honest living, unless your software is used to extort millions, in which case an audit is the least of your worries.
Image by Gerd Altmann from Pixabay