Sorry: “allegedly.”
The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The crime gang announced it was closing up shop after its servers were seized and someone drained the cryptocurrency from an account the group uses to pay affiliates.
(Via @vermontaigne) Normally I’d explain what happened with Darkside vis-a-vis the NSA, but honestly? Agent Bubbles summed it up nicely.
I will note this, though: when the company that you just took for ransom – while incidentally sparking reports of gas lines and fuel shortages across the eastern half of the USA – suddenly decides to pay the ransom after all, well… actually, never mind. There’s nothing to be nervous about. Don’t worry about it at all. Everybody knows that the NSA never gets involved in domestic political situations. You’ll be fine.
I’d say it’s just as much the Russian FSB cleaning up their contractors who were sloppy enough to *get caught*.
They might have been dealt with as an object lesson. The last thing anyone wants right now is for this sort of thing to become common around the world.