US authorities offer $ 10 million reward for intelligence on the DarkSide gang, while Interpol claims half a dozen people have been arrested in Ukraine on suspicion of being part of the extortion team. the Cl0p.
The American bounty was offered last night by the Foreign Office, which said in a press release he wants information on “anyone who holds a key leadership position in the transnational organized crime group variant of the DarkSide ransomware.”
DarkSide was the criminal team involved in hacking the U.S. Colonial Pipeline, where a vital oil pipeline supplying America’s east coast was out of service for weeks following a ransomware attack. The company bought out the crooks to regain access to its billing software; the attack did not compromise the operational technology (OT) used to control the pipeline itself.
In a not-too-subtle speech on Russia from Vladimir Putin, the US State Department added, “The United States looks to countries that harbor ransomware criminals who are ready to bring justice to businesses and organizations that have fallen victim to ransomware. ransomware. “
There is also a $ 5 million reward for anyone providing information that leads to “the arrest and / or conviction in any country of any person conspiring to participate or attempting to participate in a ransomware incident. DarkSide “.
A member of Blackmatter (aka Darkside) said yesterday that the ransomware team had shut down due to “some intractable circumstances related to pressure from the authorities.”
Most suspect this isn’t the last time we’ll see the crew.
In other ransomware-gang-pwning news, Interpol said today that Ukrainian and South Korean police forces were aided by the infosec industry when they arrested half a dozen people suspected of being part of the Cl0p ransomware gang.
The 30-month “transcontinental investigation”, dubbed Operation Cyclone by Interpol, reportedly led to the publication of Interpol Red Notices (international notes please-stop-this-suspect), resulting in arrests in June. Publicly visible Cl0p activity declined after the arrests.
“Despite the spiraling global ransomware attacks, this police-private sector coalition saw one of the first arrests of online criminal gangs by global law enforcement, sending a powerful message to ransomware criminals that few no matter where they hide in cyberspace, we will pursue them relentlessly. said Craig Jones, director of cybercrime at Interpol.
Infosec companies that helped investigating authorities were named by Europol today as Trend Micro, CDI, Kaspersky Lab, Palo Alto Networks, Fortinet and Group-IB, as well as Koreans S2W Lab and KFSI.
The partnership stemmed from Interpol’s Gateway Project, which the organization’s general secretary, Jürgen Stock, had previously compared to multinational law enforcement projects designed to eliminate “gangs of traffickers or mafia.”
“Ransomware has become too big a threat for any entity or industry to tackle on its own; the magnitude of this challenge urgently demands united global action which INTERPOL can uniquely facilitate as a neutral and trusted global partner, ”added Secretary-General Stock, speaking in July. . ®