FBI Director Christopher Wray announced another possible suspect linked to the cyber-criminal gang DarkSide, a Russian hacker group responsible for the attack that caused Colonial Pipeline to shut down 5,550 miles of pipe, stranding countless barrels of gasoline, diesel and jet fuel on the Gulf Coast, and also responsible for attacks on other American companies.
The Federal Bureau of Investigation separately identified DarkSide as the group that produced the ransomware used in the attack. "We continue to work with the company and our government partners on the investigation," the Bureau said in a statement.
DarkSide is an enigmatic group that surfaced last year with a corporate-style approach to inserting itself into a target's computers, locking them up and demanding payment in exchange for the tools to digitally unfreeze them. The group focuses on large corporate targets like Colonial and reportedly asks for payments of between hundreds of thousands of dollars and the low millions of dollars to unlock the frozen systems.
Erick Perez, a cyber security student in New York currently employed by a cyber security company, was linked to a large number of fake profiles on the dark web and to 11 crypto-wallets holding more than 1.7 million dollars in Bitcoin and Ethereum. The FBI reported that the only transactions registered in these wallets were transfers of the coins from one account to another, possibly as an evasion technique.
Perez was arrested at his apartment in New York, where agents confiscated three computers, a server and four Apple mobile devices. If found guilty, Perez would face charges for computer intrusion, wire fraud, bank fraud, illegal online gambling offenses, the attack on the Western PA hospital, and his role in one of the largest thefts of U.S. customer data from a single financial institution in history, which involved the personal information of more than 80 million J.P. Morgan Chase customers.
The forensic investigation of the computer equipment confiscated from Mr Perez showed possession of sophisticated evasion and anonymity tools used by hackers. The source code of a tool specifically designed to destroy the information on hard drives in order to defeat forensic analysis was also reported to have been found, which is why the digital data recovered by the forensic team may not be accepted as evidence against Perez, since it could have been modified before acquisition.