
      Pipeline attacker Darkside suddenly goes dark—here’s what we know

      Dan Goodin · news.movim.eu / ArsTechnica · Friday, 14 May, 2021 - 21:25

    Darkside—the ransomware group that disrupted gasoline distribution across a wide swath of the US this week—has gone dark, leaving it unclear if the group is ceasing, suspending, or altering its operations or is simply orchestrating an exit scam.

    On Thursday, all eight of the dark web sites Darkside used to communicate with the public went down, and they remain down as of publication time. Overnight, a post attributed to Darkside claimed, without providing any evidence, that the group’s website and content distribution infrastructure had been seized by law enforcement, along with the cryptocurrency it had received from victims.

    The dog ate our funds

    “At the moment, these servers cannot be accessed via SSH, and the hosting panels have been blocked,” the post stated, according to a translation of the Russian-language post published Friday by security firm Intel471. “The hosting support service doesn't provide any information except ‘at the request of law enforcement authorities.’ In addition, a couple of hours after the seizure, funds from the payment server (belonging to us and our clients) were withdrawn to an unknown account.”


      Major ransomware attack cripples gas pipeline on US East Coast

      Jim Salter · news.movim.eu / ArsTechnica · Monday, 10 May, 2021 - 16:56

    Problems with Colonial Pipeline's distribution system tend to lead to gasoline runs and price increases across the US Southeast and Eastern seaboard. In this September 2016 photo, a man prepared to refuel his vehicle after a Colonial leak in Alabama. (credit: Luke Sharrett via Getty Images)

    On Friday, Colonial Pipeline took many of its systems offline in the wake of a ransomware attack. With systems offline to contain the threat, the company's pipeline system is inoperative. The system delivers approximately 45% of the East Coast's petroleum products, including gasoline, diesel fuel, and jet fuel.

    Colonial Pipeline issued a statement Sunday saying that the US Department of Energy is leading the US federal government response to the attack. "[L]eading, third-party cybersecurity experts" engaged by Colonial Pipeline itself are also on the case. The company's four main pipelines are still down, but it has begun restoring service to smaller lateral lines between terminals and delivery points as it determines how to safely restart its systems and restore full functionality.

    Colonial Pipeline has not publicly said what was demanded of it or how the demand was made.
