DarkSide Ransomware Operators Have Lost Access To Their Infrastructure


The servers of the ransomware group DarkSide, responsible for the attack on the American fuel giant Colonial Pipeline, have been shut down. The group's topics will also be removed from underground forums. The cybercriminals have lost access to the public part of their infrastructure, including their blog, payment server, and CDN (Content Delivery Network) servers. This was announced by the Telegram channel Russian OSINT.


Currently, the servers are unreachable over SSH, and the hosting panel is blocked. Funds belonging to the cybercriminals and their clients were withdrawn from the payment server to an unknown address.


In addition, the hackers have introduced new restrictions on further criminal activities. They will not attack the social sector (healthcare, educational institutions) or government organizations of any country.


Affected companies that have not yet paid the ransom will receive tools to decrypt their systems.
