The operator of the ransomware group Darkside, believed to originate in Eastern Europe or Russia, has been unable to access its computer systems to conduct cyber attacks. Associates close to the hacking group said it would disband, citing international pressure from the US, said security research firm FireEye.
"A few hours ago, we lost access to the public part of our infrastructure, namely: Blog. Payment server. DOS servers," Darksupp, the operator of the Darkside ransomware, said.
Now, these servers are unavailable via SSH, and the hosting panels are blocked."
Darksupp also reported cryptocurrency funds were withdrawn from the payment server and would be split between itself and its associates.
This sudden dispersion of the hacking group is suspicious. Who would disband a hack operation for a measly $5 million - that will barely buy a mansion in the Bay Area.
On Thursday, President Joe Biden announced his administration had been "in direct communication with Moscow about the imperative for responsible countries to take decisive action against these ransomware networks" and would "pursue a measure to disrupt their ability to operate."
Biden said, "We do not believe the Russian government was involved in this attack, but we do have strong reason to believe that the criminals who did the attack are living in Russia, that's where it came from."
But not everyone is convinced DarkSide is a legitimate hacking group but rather a cover for a rogue group of CIA hackers.