The group behind the ransom program, which downed the Colonial Pipeline oil supply company, apologized late last week for the “social consequences”, claiming their goal was to make money, not cause societal problems.
The group is called “Dark Side”, and the FBI has confirmed that the group’s malware was responsible for penetrating one of the largest fuel pipelines in the United States. Read also Cyber wars .. Fears in Tel Aviv about piracy of the data of hundreds of thousands of Israelis, including military personnelIt consists of 4 infiltration units, how the FBI tracks smugglers on the secret Internet A French cybersecurity agency: a Russian hacking group that targeted the Internet infrastructure in our country WhatsApp fraud .. what is it and how does it affect you? Thus, you protect yourself
According to Vice, the group’s apology was posted on its dark web site. “We are not politicians, and we do not participate in geopolitical decisions, and we do not need to be linked to a specific government and search for other motives,” she said. “Our goal is to earn money, not to cause problems to society, and from today we will check every company we encode to avoid social consequences in the future.” .
According to New York Times cybersecurity reporter Nicole Burloth, Darkside is not necessarily linked to a specific nation-state; But it tends to avoid targets whose systems operate in Russian and Eastern European languages (see tweet included below). Bloomberg also reported that the group is known to speak Russian.
The assumption is that Darkside is not nation state affiliated, but like oh-so-many ransomware groups it uses tools like “GetUser Default Lang ID” to perform language checks. If the victim uses any languages below, DarkSide moves on. https://t.co/atMjKSPAJl pic.twitter.com/LNJ0CBDdBo
– Nicole Perlroth (@nicoleperlroth) May 10, 2021
According to the New York Times, the 5,500-mile pipeline is responsible for transporting 45 percent of the fuel to the eastern United States, including jet fuel and gas.
The “Colonial Pipeline” company, which runs the pipeline, issued a statement saying that it is currently restoring parts of its system to the Internet, after stopping all operations; Due to the cyber attack, it confirmed that its goal is to restore service by the end of the week.