The recent attack on Colonial Pipeline has raised the eyebrows of many US policymakers and has put a lot of focus on the DarkSide ransomware threat group.
The Biden-Harrris Administration in the US has launched iniaitives to address the Colinial pipeline incident..
The ransomware group has published multiple advertisements in the past to hire hackers, affiliates, mules from various cybercrime marketplaces.
Seeing the massive response from the US government, including the law enforcement agencies, is making some of the hacking forums, such as XSS admin, twitchy.
A few hours ago, XSS admin, announced “No more ransom! Banning lockers on the forum”. Essentially, they are avoiding unwanted attention.
Translated Text – ” It’s not a secret for anyone, I personally don’t like lockers, why? Few lockers are technically interesting. Most of them (not all) are mediocre technical tools.
The main purpose of the DaMaGeLaB forum is knowledge. We are a technical forum, we learn, research, share knowledge, write interesting articles. The goal of Ransomware is just to make money. The goals are not the same. No, of course, everyone needs money, but not to the detriment of basic aspirations. We are not a market or a marketplace.
Degradation on the face. Newbies open up the media, see some crazy virtual millions of dollars that they will never get. They don’t want anything, they don’t learn anything, they don’t code anything, they just don’t even think, the whole essence of being comes down to “encrypt – get $”. They just run to github, look for locker sorts there and run to encrypt everything they see. Since our forum is aimed at beginners, this factor is important to us.
Too much PR. Lockers (ransom) have accumulated a critical mass of nonsense, nonsense, hype, noise. When you meet the ” Ransomvarny negotiator ” Profession , you understand that you are in the looking glass or just crazy. Moreover, 90% of this madness was created artificially, feeding this hype. Those who make good money on this noise (exchanges, insurance, intermediaries, media, etc.)
Policy and hazard level. Peskov is forced to make excuses to our overseas “friends” – this is some kind of nonsense and exaggeration. The word ranso was equated with a number of unpleasant phenomena – geopolitics, extortion, government hacking. This word has become dangerous and toxic.
Lockers will exist for a long time. They too loudly promoted this phenomenon.”
In response to the XSS Admin announcement, the DarkSide ransomware operators alias responded as below:
The DarkSide ransomware post is still available on ‘Exploit’ Cybercrime forum –
The last post made by the group was on April 15, 2021 as below (on Exploit Cybercrime forum). The DarkSide ransomware group has been quite active in sharing their updates to their cryptos, and often bragging about their development capabilities. See below:
The ‘LockBit’ ransomware alias made a similar comment to the announcement –
CISA and FBI have shared a set of recommendations in relation to mitigating ransomware attacks
Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the darkweb. Cyble’s prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Startups To Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. To learn more about Cyble, visit www.cyble.com.