Amid massive blowback from the US government and international law enforcement agencies, the DarkSide cybercrime crew appears to be shutting down operations. The DarkSide ransomware-as-a-service infrastructure, as well as a name-and-shame website used by the criminal group to pressure victims during extortion talks, has gone offline, according to several threat hunters monitoring darkweb communications.

Intel471, a security firm that monitors malicious activity on the dark web, claims to have seen an announcement from DarkSide saying that the group will immediately cease operations and provide data decryptors to all victims. In a statement posted in Russian, the group said that an unnamed law enforcement agency disrupted parts of its infrastructure. According to Intel471, the group's name-and-shame blog, ransom collection website, and breach data content distribution network (CDN) were all allegedly seized, and funds from its cryptocurrency wallets were allegedly exfiltrated.

The DarkSide announcement, which claims the operators lost access to their infrastructure, including their blog, payment, and CDN servers, and will be closing their operations, was also seen by FireEye researchers. FireEye, however, said that it has not independently verified the claims and warned that the announcement may be part of an exit scam.

— FireEye (@FireEye) May 14, 2021

In the past, cybercriminal groups have shut down operations in response to law enforcement action, only to reopen under a new name and with new online infrastructure.
The status of ongoing, pending talks on ransomware payments and data decryption tools is another potential complication of a DarkSide shutdown. According to a source monitoring the ransomware outbreak, a large number of infected businesses are in touch with these DarkSide affiliates, and if they go dark, it could seriously hamper recovery efforts all over the world.

Intel471 claims to have seen rival ransomware-as-a-service gangs going silent but, like FireEye, cautioned that ransomware extortion attacks are not going away anytime soon. The firm said it is more likely that these ransomware developers are trying to escape the spotlight than that they have suddenly recognized their mistakes. According to the firm, a number of the operators will most likely operate within their own close-knit communities, resurfacing under new names and with revamped ransomware variants. Intel471 also claims that the operators will devise new methods for laundering the cryptocurrency they receive from ransom payments.

According to reports accompanying news of the purported shutdown, Colonial Pipeline paid a $5 million ransom to the DarkSide cybergang. The ransomware used in the Colonial Pipeline attack, according to threat intelligence firm Flashpoint, is a variant of the infamous REvil ransomware, an assessment the firm bases on code analysis. Separately, a Chainalysis analysis of ransomware transactions found that 15% of all extortion payments carried a risk of sanctions violations in the United States.