quote:
The criminal hacking group DarkSide, which the F.B.I. has blamed for carrying out a ransomware attack that crippled fuel delivery across the Southeastern United States this week, has announced that it is shutting down because of unspecified “pressure” from the United States.
In a statement written in Russian and provided to The New York Times on Friday by the cybersecurity firm Intel 471, DarkSide said it had lost access to the public-facing portion of its online system, including its blog and payment server, as well as funds that it said had been withdrawn to an unknown account. It said the group’s main web page and other public-facing resources would go offline within 48 hours.
“Due to the pressure from the U.S., the affiliate program is closed,” the statement said, referring to intermediary hackers, the so-called affiliates, it works with to break into corporate computer systems. “Stay safe and good luck.”
What that pressure may have been is unclear, but on Thursday, President Biden said the United States would not rule out a retaliatory strike against DarkSide that would “disrupt their ability to operate.” The White House spokeswoman, Jen Psaki, said the administration was waiting for recommendations from U.S. Cyber Command, but government officials on Friday declined to comment further about whether any action had been taken.
Cybersecurity analysts cautioned that the DarkSide statement could be a ruse, allowing its members to regroup and deflect the negative attention caused by the attack. The group’s announcement was reported earlier by The Wall Street Journal.