In a statement written in Russian and provided to The New York Times on Friday by the cybersecurity firm Intel 471, DarkSide said it had lost access to the public-facing portion of its online system, including its blog and payment server, as well as funds that it said had been withdrawn to an unknown account. It said the group’s main web page and other public-facing resources would go offline within 48 hours.
“Due to the pressure from the U.S., the affiliate program is closed,” the statement said, referring to intermediary hackers, the so-called affiliates, it works with to break into corporate computer systems. “Stay safe and good luck.”
What that pressure may have been is unclear, but on Thursday, President Biden said the United States would not rule out a retaliatory strike against DarkSide that would “disrupt their ability to operate.” The White House spokeswoman, Jen Psaki, said the administration was waiting for recommendations from U.S. Cyber Command, but government officials on Friday declined to comment further about whether any action had been taken.