XSS, a famous cybercriminal forum has straight away banned the ransomware affiliates including rentals, sales, and affiliate programs. The decision was taken after the attack on Colonial Pipelines with a shortfall on gas.
Flashpoint has confirmed that the administrator of XSS was reassured that it happened due to the ideological differences when the media attention escalated the high-profile attacks. According to Flashpoint, DarkSide is trying to secure its reputation and claims that they have had some disrupted tools which led to this unfortunate event.
DarkSide has mentioned that their group does not have access to the public side of the infrastructure anymore and that side includes the group’s bogs, DOS servers, and their payments. The aforementioned points were written in a post from a representative of DarkSide which was later on deleted.
The press secretary for Russian President, Vladimir Putin claimed that Russia is in no way a part of this attack on Colonial Pipeline.
The whole situation of the DarkSide caught a lot of ransomware groups’ attention and they have begun to stay cautious. A ransomware gang like REvil has released a set of rules and advised their members to avoid educational and healthcare units. As per the message by Flashpoint, the guidelines have established that all new guidelines must have the approval of the group leader.
Roger Grimes, data-driven defense evangelist at KnowBe4 stated that the cybercriminals at the DarkSide have gained unnecessary attention which may result in their arrest or punishment. He also mentioned that there are nations that steal money to enable themselves for government funds. He added that immediate massive action must be taken against nations that are trying to protect the ransomware gangs to prevent this from happening again.