The name Darkside is now in the news after a cyber attack on the Colonial Pipeline, the largest fuel pipeline in the United States. Darkside is known for its ransomware.
The United States has paid a ransom of 500,000, or about 60 million, to the hackers to protect its data. The criminal group's attack disrupted the delivery of gasoline.
The U.S. government and the Colonial company did not say whether the hackers were paid the ransom, but CNN, the New York Times, Bloomberg and the Wall Street Journal claimed, citing various sources, that the hackers were paid.
What kind of group is this that can break into systems built by America, seize data and even collect a ransom?
According to various online reports, Darkside is a cybercriminal hacking group based in Eastern Europe that demands a ransom to recover data after its cyber attacks. The group is said to have come from Russia, but this is not certain.
It does not attack the countries of the former Soviet Union. Computers set to the Russian, Ukrainian, Georgian or Belarusian languages are not attacked by Darkside ransomware.
Interestingly, they claim that the ransom they ask for will be donated to charity. The group has a policy of not attacking hospitals, schools and NGOs. Darkside has focused on organizations that can pay a lot of money.
Darkside attacks have hit countries such as Israel, the United States, Italy, Belgium, Chile, Malaysia, the United Kingdom, India, Spain and Poland.
The code of the ransomware used by Darkside has been found to match that of the ransomware used by REvil.
That is why Darkside is suspected of working in collaboration with REvil.
Darkside is also believed to be affiliated with UNC2628, UNC2659 and UNC2465.
These groups have been found to work as hackers for Darkside and to use its ransomware technology.
In return, the groups demand a 25 percent share for amounts up to $500,000 and 10 percent for amounts of more than $5 million.
The beginning of Darkside
It has not been long since Darkside came out. In August 2020, Darkside first introduced its ransomware.
Then, in October 2020, Darkside donated 20,000 dollars from the stolen money. In November 2020, Darkside established the RaaS (ransomware-as-a-service) model.
This model invites other criminals to use its services. Darkside’s data leak site was also discovered in November.
Darkside also unveiled a content delivery network that stores and delivers data. In March 2021, Darkside launched version 2.0 of its ransomware with many updates.
The hackers then attacked the Colonial Pipeline.
Darkside’s Toshiba attack
In Europe, a Toshiba (6502.T) unit was hit by ransomware. Toshiba Tech Corp says the hackers managed to steal very little data.
The ransomware has demanded money in cryptocurrency. It is expected that the ransomware group will continue to leak data until the money is paid.
Toshiba Tech Corp also claimed that the US FBI had hacked Darkside.
Is Darkside closing?
On May 14, 2021, Darkside issued a statement in Russian. It was obtained by cybersecurity firms FireEye and Intel 471.
The Wall Street Journal and The New York Times wrote about it.
According to the statement, due to strong pressure from the United States, the existing services will be shut down.
At the same time, Darkside has stated that it will close the programs affiliated with it. The day after the announcement, US President Joe Biden said he would take appropriate action against Darkside and suspend its operations.
Darkside also said it had been blocked from accessing its payment servers, blogs and funds.
The announcement is also suspected to be a ploy to divert the attention of all nations, as cybercriminal networks have been shut down and revived in the past.
In collaboration with various agencies