Dutch police seize server of DarkSide ransomware group

The Dutch police confiscated a server of the DarkSide group and obtained terabytes of stolen data. DarkSide was also behind the attack on an American oil pipeline company, but no data from that attack was obtained.

The data stored on DarkSide's server was not encrypted, so the police were able to investigate the information. Police found no data on the recent attack on the Colonial Pipeline Company. This was reported by the FD, which spoke to the police about the action. The notorious attack on the infrastructure of the American company meant that a major oil pipeline had to be shut down. A relatively new Russian group called DarkSide is said to be behind the attack, and it managed to loot 100GB of data from the pipeline company.

The police did find data from an unnamed Dutch tech company. This company was previously hit by ransomware, but the damage turned out to be limited because the company had good backups. According to the police, the company could also have recovered its data via the seized server. It is not known which tech company is involved or when this attack took place.

According to Sander van der Maden, strategic advisor to the High Tech Crime Team of the police, cyber criminals make above-average use of the infrastructure of Dutch web hosts, partly because of the fast and stable internet connections these companies offer.

In mid-May, DarkSide itself announced that it could no longer reach its blog, payment server and content delivery network server via SSH, and that its hosting partner had said the block was imposed by the authorities. This may have been the action of the Dutch police. Security firm Intel 471 wrote about the group's announcement at the time.