Colonial Pipeline paid $5 million ransom to hackers
https://www.cnbc.com/2021/05/13/colonial-pipeline-paid-ransom-to-hackers-source-says.htmlColonial Pipeline paid a ransom to hackers after the company fell victim to a sweeping cyberattack, one source familiar with the situation confirmed to CNBC.
A U.S. official, who spoke on the condition of anonymity, confirmed to NBC News that Colonial paid nearly $5 million as a ransom to the cybercriminals.
It was not immediately clear when the transaction took place. Colonial Pipeline did not immediately respond to CNBCs request for comment. The ransom payment was first reported by Bloomberg.
Earlier on Thursday, President Joe Biden declined to comment when asked if Colonial Pipeline paid the ransom. White House press secretary Jen Pskai told reporters during a briefing that it remains the position of the federal government to not pay ransoms as it may incentivize cybercriminals to launch more attacks.
Last weeks assault, carried out by a criminal cybergroup known as DarkSide, forced the company to shut down approximately 5,500 miles of pipeline, leading to a disruption of nearly half of the East Coast fuel supply and causing gasoline shortages in the Southeast.
PortTack
(34,091 posts)mobeau69
(11,401 posts)jimfields33
(18,233 posts)I think its dumb to pay a ransom.
mobeau69
(11,401 posts)Probatim
(2,943 posts)I'm sure they can be trusted to do that. Correct?
jimfields33
(18,233 posts)SharonAnn
(13,838 posts)Darkside ransomware gang says it lost control of its servers & money a day after Biden threat
Source: The Record
A day after US President Joe Biden said the US plans to disrupt the hackers behind the Colonial Pipeline cyberattack, the operator of the Darkside ransomware said the group lost control of its web servers and some of the funds it made from ransom payments.
A few hours ago, we lost access to the public part of our infrastructure, namely: Blog. Payment server. CDN servers, said Darksupp, the operator of the Darkside ransomware, in a post spotted by Recorded Future threat intelligence analyst Dmitry Smilyanets. Now these servers are unavailable via SSH, and the hosting panels are blocked, said the Darkside operator while also complaining that the web hosting provider refused to cooperate.
In addition, the Darkside operator also reported that cryptocurrency funds were also withdrawn from the gangs payment server, which was hosting ransom payments made by victims. The funds, which the Darkside gang was supposed to split between itself and its affiliates (the threat actors who breach networks and deploy the ransomware), were transferred to an unknown wallet, Darksupp said.
This sudden development comes after US authorities announced their intention to go after the gang.
Read more: https://therecord.media/darkside-ransomware-gang-says-it-lost-control-of-its-servers-money-a-day-after-biden-threat/