Colonial Pipeline Ransomware attackers proclaim their apolitical stance: DarkSide gang added they will ‘start vetting targets’

DarkSide Ransomware
We are in it just for the money claims DarkSide Ransomware gang. Pic credit: Pete Linforth/Pixabay

The DarkSide ransomware gang has issued a “Press Release” which stresses the cybercriminals are not political. Hence, they will “start vetting targets” before attacking them.

Colonial Pipeline, the largest fuel pipeline in the United States was reportedly attacked in the virtual world. The attackers have now indicated that they do not have any political affiliation, and their primary goal is making money.

‘Our goal is to make money, and not creating problems for society’, proclaims DarkSide Ransomware gang:

Last week, the DarkSide ransomware gang encrypted the network for the Colonial Pipeline. As a result, the company temporarily shut down its network and the fuel pipeline.

The group that claimed responsibility for the cybercrime, has issued a Press Release. The DarkSide ransomware gang has stated that they are apolitical. The group added that it is not associated with any government:

“We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives.

Our goal is to make money, and not creating problems for society.
From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.” – DarkSide gang.

Incidentally, DarkSide operates as Ransomware-as-a-Service. Essentially, there are two groups involved in the operation.

One group is in charge of core operations. This group develops the main ransomware as deployable software.

The other group basically consists of freelancing groups or individuals. These “affiliates” hack networks and deploy the ransomware.

Reports indicate one of the affiliates of DarkSide picked the wrong target with Colonial Pipeline. Hence, the group has indicated it will evaluate all targets before it allows an affiliate to perform an attack.

Some security experts have expressed concern over the Press Release and the rules. While the group may not touch critical infrastructure, there’s no assurance about the affiliates.

Affiliates who work with DarkSide might just abandon ship and join another group that runs the core ransomware operations.

The U.S. declares state of emergency after ransomware attack attempted to cripple country’s largest oil pipeline:

The Press Release from the DarkSide ransomware gang seems to be in response to the U.S. administration declaring a state of emergency. Specially speaking, the Federal Motor Carrier Safety Administration (FMCSA) has issued a regional emergency declaration affecting 17 states and the District of Columbia.

The derogations reportedly apply only for the duration of the emergency state caused by “the shutdown, partial shutdown, and/or manual operation of the Colonial pipeline system.” The provisions of the declaration shall remain in effect until the end of the emergency state or until 11:59 P.M. (ET), June 8, 2021, whichever comes first.


Needless to mention, Colonial Pipeline’s operations are critical for markets and refineries on the East Coast. The pipelines account for 45 percent of all fuel consumed in the region.

The company’s transport infrastructure can deliver at least 2.5 million barrels of refined petroleum products every day to points throughout the southern and eastern U.S.

Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x