World

Not All Hackers From DarkSide Group Located in Russia, Cybersecurity Firm Says

WASHINGTON (Sputnik) - The fact that members of the DarkSide hacking group speak Russian does not mean they all operate from within Russia and the majority of the cybercriminals are coming from Eastern Europe, cybersecurity firm FireEye Senior VP Charles Carmakal said during a congressional hearing on the Colonial Pipeline ransomware attack.
Sputnik

“DarkSide group is a network of different operators that conduct subversions on behalf of the DarkSide name. While there is a requirement to be affiliated with a DarkSide group that you have to speak the Russian language, it doesn't mean that every single operator is located within Russia. We assess that the majority of the operators are Eastern European criminals,” Carmakal said on Wednesday.

Carmakal said that his company does not possess any information indicating that the recent attacks against Colonial Pipeline and the meat producer JBS were directed by the Russian government.

At the same time, Carmakal welcomed US government attempts to encourage the Russian side to try to apprehend the cybercriminals as well as to stop them from conducting harmful operations.

The cyberattack on the major US fuel transporting facility Colonial Pipeline occurred on May 7 and triggered a gas outage crisis across the southern US states. The attack was attributed to an unknown group of allegedly Russian-speaking hackers. However, President Joe Biden said on several occasions that there was no evidence Russia was involved.

FireEye assisted the investigation of the Colonial Pipeline ransomware attack by respective US agencies.

Discuss