The group of hackers responsible for the Colonial Pipeline cyberattack received $90 million worth of Bitcoin ransom funding in the past nine months, research from an analytics company shows. The crime group announced it would cease operations last week.
Darkside was confirmed by the FBI to be behind the attack on the pipeline and is known for selling criminals software hacking materials to get money. On average, the suspected Eastern European group made $1.9 million per attack, according to Elliptic — a blockchain analytics group in England.
Colonial was the latest victim, a 5,500 mile-long oil pipeline that supplies 45 percent of the East Coast’s fuel. Darkside obtained $5 million in ransom money from Colonial and re-launched operations on May 12. The company claimed Tuesday the internal server went offline because of “intermittent disruptions.”
As of Tuesday, the GasBuddy app shows more than 10,400 U.S. gas stations do not have gas. Virginia, Georgia, Washington D.C., and both Carolinas have been hit the hardest, where people also panicked and purchased gas in bulk quantities. Gas prices went as high as $6.99 a gallon in the state of Virginia.
Criminal intelligence platform DarkTracer estimates that 99 groups have been attacked by Darkside’s malware in their systems. Fireye, a cybersecurity firm, found that since launching in August 2020, Darkside has conducted criminal activity in more than 15 countries and a variety of sectors.
Intel 471, a research group, confirmed last week that Darkside is no longer in operation because it lost access to its cryptocurrency wallets and online servers. The cryptocurrency can still be converted to fiat currency via the application Coinbase or another more advanced software.