Category Archives: FBI

Hunter Flew out of Joint Base Andrews 23 Times

Posted on by

And yet daddy never knew about his business adventures nor asked about them? C’mon man…so many unknown unknowns about this cat and the whole family…

Breitbart:

Rep. Devin Nunes (R-CA), the ranking member of the House Permanent Select Committee on Intelligence (HPSCI), told Breitbart News that revelations in a new book that President Joe Biden’s son Hunter Biden took more than 20 trips through Joint Base Andrews are more proof of “utter corruption” of establishment media.

“The revelation of Hunter Biden’s trips through Joint Base Andrews is further proof of the corporate media’s utter corruption and blinding partisanship,” Nunes told Breitbart News exclusively on Sunday. “They dismissed, ridiculed, and censored reporting on Hunter’s obvious conflicts of interest for the sole purpose of helping Joe Biden’s election prospects. The corporate media has fully merged with the Democratic Party, and their reporting is indistinguishable from crude Democrat talking points.”

Nunes’s comments on this matter come after revelations about Hunter Biden’s travel practices, when his father was vice president to former President Barack Obama, were published Saturday from the new book Breaking the News: Exposing the Establishment Media’s Secret Deals and Hidden Corruption. In particular, the book—from Breitbart News Editor-in-Chief Alex Marlow—revealed Secret Service travel records that showed Hunter Biden took 411 trips, including to 29 foreign countries and 23 trips through Joint Base Andrews, from 2009 to 2014. During that time, his father—now the president of the United States—was vice president of the United States.

The reason why the Joint Base Andrews trips are important is because that is the home of Air Force One and Air Force Two. On Saturday, Breitbart News published a piece from Marlow adapted from the book that further explained the significance of the revelations:

Despite this evidence that there was not an “absolute wall” between Hunter and Joe when it comes to business endeavors, the establishment press has shown little interest in exploring whether Hunter was actually leveraging his father’s power to enrich himself. In fact, quite the contrary. The New York Times, for example, published a story in 2020 portraying Hunter as a skilled artist who was mastering painting. The article, headlined “There’s a New Artist in Town. The Name Is Biden,” un-ironically featured glossy photographs of a relaxed and polished Hunter Biden working away in his studio.

The American public has been told consistently that Hunter Biden is as pure as the driven snow. Joe Biden called his son “the smartest guy I know.” Dr. Jill Biden (Ed.D.) and Joe both expressed confidence that Hunter had done nothing wrong. And, of course, Joe said he thought it was all Russian disinformation. And of course, Facebook and Twitter famously censored bombshell reporting by the New York Post on Hunter Biden that has not been proven to be “Russian” or “disinfo.”

The fact that Hunter Biden flew through Joint Base Andrews during the Obama administration more than twenty times–and to nearly 30 countries on 411 total trips, per Secret Service records–seems to contradict claims that Joe Biden made when he was running for president in 2019. “I have never spoken to my son about his overseas business dealings,” Biden said on the campaign trail in Iowa in the summer of 2019. “Here’s what I know. Trump should be investigated.”

Biden then added specific instructions for the establishment media–which dutifully obliged his not-so-subtle demand that the media instead investigate his opponent then-President Donald Trump instead of his son Hunter.

“You should be looking at Trump,” Biden told the media in Des Moines when he arrived at the annual Democrat fundraiser the Polk County Steak Fry. “He’s doing this because he knows I’ll beat him like a drum. And he’s using an abuse of power and every element of the presidency to try to smear me … Ask the right questions.”

After that, most of the establishment media followed Biden’s orders and completely ignored the hard evidence that proves the Biden narrative about Hunter Biden is untrue. Many questions remain unanswered about exactly where Hunter Biden was going, with whom he was meeting, why he was using an American military base for trips, what he was doing on these trips, and more. Those questions remain unanswered in large part because of the fact the establishment media have ignored, by and large, the Hunter Biden matter for years.

Nunes weighing in on the matter, though, is a sign that top Republicans have begun wising up to these facts about establishment media outlets. He was a critical figure in Congress during the Trump administration when it came to fighting back against fake narratives such as the Russia collusion hoax claims, and later the push to impeach Trump the first time over his call with Ukraine’s president—which was, of course, a central point in the whole Hunter Biden narrative given that it was all about corruption concerns with the now-president’s son and shady business dealings in the eastern European nation.

 

CNA Financial reportedly paid $40 million due to Ransomware Demand

Posted on by

CNA is the seventh largest commercial insurer in the United States as of 2018. CNA provides property and casualty insurance products and services for businesses and professionals in the U.S., Canada, Europe and Asia.

CNA itself is 90% owned by a holding company, Loews Corporation. This holding company also has interests in offshore oil and gas drilling rigs, natural gas transmission pipelines, oil and gas exploration, hotel operations and package manufacturing.

CNA Financial Corporation – Jenkins MBA Careers | Poole College of Management | NC State University

CNA Financial, one of the largest US insurance companies, paid $40 million to free itself from a ransomware attack that occurred in March, according to a report from Bloomberg. The hackers reportedly demanded $60 million when negotiations started about a week after some of CNA’s systems were encrypted, and the insurance company paid the lower sum a week later.

If the $40 million figure is accurate, CNA’s payout would rank as one of the highest ransomware payouts that we know about, though that’s not for lack of trying by hackers: both Apple and Acer had data that was compromised in separate $50 million ransomware demands earlier this year. It also seems like the hackers are looking for bigger payouts: just this week we saw reports that Colonial Pipeline paid a $4.4 million ransom to hackers. While that number isn’t as staggering as the demands made to CNA, it’s still much higher than the estimated average enterprise ransomware demand in 2020.

Law enforcement agencies recommend against paying ransoms, saying that payouts will encourage hackers to keep asking for higher and higher sums. For its part, CNA told Bloomberg that it wouldn’t comment on the ransom, but that it had “followed all laws, regulations, and published guidance, including OFAC’s 2020 ransomware guidance, in its handling of this matter.” In an update from May 12, CNA says that it believes its policyholders’ data were unaffected.

According to Bloomberg, the ransomware that locked CNA’s systems was Phoenix Locker, a derivative of another piece of malware called Hades. Hades was allegedly created by a Russian group with the Mr. Robot-esque name Evil Corp.

***

Ransomware Attack Payment

Ransomware attack payments are rarely disclosed. According to Palo Alto Networks, the average payment in 2020 was $312,493, and it is a 171% increase from the payments that companies made in 2019.

The $40 million payment made by CNA Financial is bigger than any previously disclosed payments to hackers, The Verge reported.

Disclosure of the payment is likely to draw the ire of lawmakers and regulators that are already unhappy that companies from the United States are making large payouts to criminal hackers who, over the last year, have targeted hospitals, drug makers, police forces, and other entities that are critical to public safety.

The FBI discourage organizations from paying ransom because it encourages additional attacks and does not guarantee that data will be returned.

Ransomware is a type of malware that encrypts the data of the victim. Cybercriminals using ransomware usually steal the data too. The hackers, then, ask for a payment to unlock the files and promise not to leak stolen data. In recent years, hackers have been targeting victims with cyber insurance policies and huge volumes of sensitive consumer data that make them more likely to pay a ransom.

Last year was a banner year for ransomware groups, with security experts and law enforcement agencies estimating that victims paid about $350 million in ransom. The cybercriminals took advantage of the pandemic, a time when hospitals, medical companies, and insurance companies were the busiest.

As per Bloomberg’s report, CNA Financial initially ignored the hackers’ demands while pursuing options to recover their files without engaging with the criminals. However, within a week, the company decided to start negotiations with the hackers, who were demanding $60 million.

Payment was made a week later. source

CNA notifying cyberattack

Source

The ransomware cyberattack interrupted the company’s employee and customer services for three days as the firm closed down “out of an abundance of caution” to prevent further damage. Certain CNA systems were impacted, including corporate email.

At Least 18 Scientists Demand Lab Leak Investigation on Covid

Posted on by

Primer: Who is Dr. Ralph Baric and what is his role in the Wuhan lab?

UNC-CH ranks as a world leader in COVID-19 research - here ...

This page lists documents in Professor Ralph Baric’s emails, which U.S. Right to Know obtained via a public records request. Dr. Baric is a coronavirus expert at the University of North Carolina, Chapel Hill (UNC). He has developed genetic techniques to enhance the pandemic potential of existing bat coronaviruses in collaboration with Dr. Zhengli Shi at the Wuhan Institute of Virology and with EcoHealth Alliance.

The emails show internal discussions and an early draft of a key scientists’ letter about coronavirus origins, and shed some light on relationships between U.S. and Chinese experts in biodefense and infectious diseases, and the roles of organizations such as EcoHealth Alliance and National Academy of Sciences (NAS).

Please email anything of interest we may have missed to [email protected], so that we can include them below.

Items from Baric emails

  1. Tracy McNamara, Professor of Pathology at Western University of Health Sciences in Pomona, California wrote on March 25, 2020: : “The Federal govt has spent over $1 billion dollars in support of the Global Health Security Agenda to help developing nations create the capacity to detect/report/respond to pandemic threats. An additional $200 million was spent on the PREDICT project via USAID looking for emerging viruses in bats, rats and monkeys overseas. And now the Global Virome Project wants $1.5 billion dollars to run around the world hunting down every virus on the face of the earth. They will probably get funding. But none of these programs have made taxpayers safer right here at home.” (emphasis in the original)
  2. Dr. Jonathan Epstein, Vice President for Science and Outreach at EcoHealth Alliance, sought guidance for a request from the U.S. Defense Advanced Research Projects Agency (DARPA) about communicating “potentially sensitive dual-use information” (March 2018).
  3. EcoHealth Alliance paid Dr. Baric an undisclosed sum as honorarium (January 2018).
  4. Invitation to U.S. National Academy of Sciences, Engineering and Medicine (NASEM) and the Chinese Academy of Agricultural Sciences (CAAS) U.S. China Dialogue and Workshop on the Challenges of Emerging Infections, Laboratory Safety, Global Health Security and Responsible Conduct in the Use of Gene Editing in Viral Infectious Disease Research, Harbin, China, Jan 8-10, 2019 (November 2018-January 2019). Preparatoryemails and a travel memorandum indicate the identities of the American participants.
  5. NAS invitation to a meeting of U.S. and Chinese experts working to counter infectious disease and improve global health (November 2017). The meeting was convened by the NAS and the Galveston National Laboratory. It took place on January 16-18, 2018, in Galveston, Texas. A travel memorandum indicates the identities of the American participants. Subsequent emails show that the WIV’s Dr. Zhengli Shi is present at the meeting.
  6. On February 27, 2020, Baric wrote, “at this moment the most likely origins are bats, and I note that it is a mistake to assume that an intermediate host is needed.”
  7. On March 5, 2020, Baric wrote, “there is absolutely no evidence that this virus is bioengineered.”

For more information

A link to Professor Ralph Baric’s emails can be found here:Baric emails (~83,416 pages)

U.S. Right to Know is posting documents from our Biohazards investigation. See:FOI documents on origins of SARS-CoV-2, hazards of gain-of-function research and biosafety labs.

NR:

For well over a year, a certain clique of researchers tarred the idea that COVID-19 initially escaped from a laboratory in Wuhan as a conspiracy theory. Now, their grip on that narrative within the scientific community is loosening, as a growing chorus of experts calls for a closer look at this lab-leak hypothesis.

In a letter published this afternoon at Science, 18 scientists call for an investigation into the pandemic’s origins that does not discount the possibility of a lab leak. “Theories of accidental release from a lab and zoonotic spillover both remain viable,” they write. “Knowing how COVID-19 emerged is critical for informing global strategies to mitigate the risk of future outbreaks.”

These researchers include Dr. Ralph Baric, a leading coronavirus expert who has done research on bat coronaviruses with Dr. Shi Zhengli of the Wuhan Institute of Virology, and several other prominent virologists. They have joined the WHO director-general, top intelligence officials, and other U.S. government experts in asserting that such a leak remains a possible explanation, despite a joint WHO-China study’s findings that such a theory is “extremely unlikely.” Like the Biden administration and 13 other countries that signed onto a U.S.-led statement after the report’s release, they raise concerns about how the panel reached its findings. Their letter comes as members of Congress have started to ramp up their scrutiny of a potential lab-leak origin. Already, the scientists’ letter has caught the attention of lawmakers involved in COVID investigation efforts, with Representatives Cathy McMorris Rodgers, Brett Guthrie, and Morgan Griffith, saying in a statement, “We look forward to working with them and all who will follow the science in order to complete this investigation.”

Jamie Metzl, an adviser to the WHO and a senior fellow at the Atlantic Council, explained the letter’s significance on Twitter. “The chokehold on public consideration of an accidental lab incident as a possible #pandemic origin has just been broken. Following publication of the Science letter, it will be irresponsible for any scientific journal or news outlet to not fully represent this viable hypothesis.”

The Science letter finds the joint WHO-China report lacking and evaluates the likelihood of the different origin theories that the panel assessed: “Although there were no findings in clear support of either a natural spillover or a lab accident, the team assessed a zoonotic spillover from an intermediate host as ‘likely to very likely, and a laboratory incident as ‘extremely unlikely.’”

The authors of the letters add, “Furthermore, the two theories were not given balanced consideration. Only 4 of the 313 pages of the report and its annexes addressed the possibility of a laboratory accident.”

The letter doesn’t claim that the lab-leak hypothesis is more credible than the zoonotic origin theory. It’s notable, however, that a letter in a major scientific journal is putting these two theories on equal footing.

The Lancet, another journal, rejected a letter submitted by 14 biologists and geneticists in January arguing that “a lab origin cannot be formally discarded.”

Some figures associated with The Lancet have called the lab-leak scenario a conspiracy theory, including Jeffrey Sachs, the chair of the medical journal’s COVID commission, and Peter Daszak, the chair of the commission’s sub-committee on COVID’s origins. Daszak, whose nonprofit research group received hundreds of thousands of dollars from the National Institutes of Health for studies on bat coronaviruses at the Wuhan Institute of Virology, was a member of the joint WHO-China panel and has faced accusations that he failed to disclose potential conflicts of interest.

Richard Ebright, a Rutgers University chemical biology professor, told National Review last month that their efforts helped to create the false impression that there is a scientific consensus against the possibility of a lab-leak origin. “No such consensus existed then. No such consensus exists now,” he said.

This latest entry into the debate, in the pages of a preeminent scientific journal, shows that the ground is shifting away from a hollow narrative that has been all-too pervasive since the start of the pandemic.

 

Is this an Extension of Red Flag Law(s) by DHS?

Posted on by

JTN: The Department of Homeland Security has launched a $500,000 grant program for research and data collection on insider threats in the country’s law enforcement agencies.

A blue banner displaying the U.S. Department of Homeland Security seal with the text National Terrorism Advisory System - Bulletin - www.dhs.gov/advisories

The premise for the grant, “Insider Threats in American Law Enforcement,” is that the U.S. is facing a rising number of internal threats and an understanding of the changing environment is needed.

“Due to the growing number of threats our nation is combating,” the grant synopsis explains, the DHS Science and Technology Directorate “supports the evolving threat landscape of a dynamic world with changing motivations, actors, communication models and weaponry.”

The grant prioritizes data collection and technological innovation as means to identify, understand and combat the purported threat of penetration of U.S. law enforcement agencies by violent extremists.

“Objectives of this effort will identify high quality data to understand the risks posed to the United States by the potential for violent extremist organizations or lone actors to infiltrate law enforcement agencies (LEAs) and other government institutions,” the synopsis states.

While billing U.S. taxpayers $500K for this initiative to understand these clandestine “extremist organizations” infiltrating law enforcement, the grant neglects to define what it means by “extremist organizations.”

The research and data collected under the grant is to be shared with a variety of agencies, including private organizations. Yet civil rights and liberties will not be violated in the combined public-private harvesting and sharing of data about undefined “extremists,” DHS insists.

“Knowledge and findings from this research will be transferred to federal, state, local, and private organizations to enable education and awareness to reinforce a whole-of-society prevention architecture while respecting civil rights and civil liberties,” according to the grant description. “These prevention efforts will equip and empower local efforts — including peers, teachers, community leaders, and law enforcement — to minimize a threat as it evolves while enhancing emergency preparedness and response.”

The grant will task the awardee with understanding law enforcement threats from the perspectives of numerous fields, including including economics, psychology, politics and criminology. “The awardee(s) will assist with a range of activities,” the grant specifies, including designing data collection strategies, collecting data from primary and secondary sources, and analyzing data while identifying subject matter experts to participate in interviews and/or focus groups.”

Analyzing research from these various fields and experts will help fill in the gaps in understanding the threat environment and help “counter the threats posed by violent extremists and violent ideologies to United States LEAs and the public,”

The closing date for the grant applications is May 16, a day after the country concludes National Police Week. The week of May 9-May 15 has been designated as National Police Week since 1962 to recognize the service and sacrifice of federal, state and local law enforcement.

As reported by Just the News this week, the DHS and the Department of Defense have announced internal investigations of “extremism” within their departments, raising alarms among conservative civil liberties watchdogs, as the agencies’ notions of “extremism” were  vague and appeared to omit from scrutiny far-left extremist groups implicated in widespread political violence in 2020.

***

Date Issued:  Friday, May 14, 2021 02:00 pm ET
View as PDF:  National Terrorism Advisory System Bulletin – May 14, 2021 (pdf, 1 page, 359.67KB)

Summary of Terrorism Threat to the U.S. Homeland

 

The Secretary of Homeland Security has issued a new National Terrorism Advisory System (NTAS) Bulletin regarding the current heightened threat environment across the United States.  The Homeland is facing threats that have evolved significantly and become increasingly complex and volatile in 2021. These threats include those posed by domestic terrorists, individuals and groups engaged in grievance-based violence, and those inspired or influenced by foreign terrorists and other malign foreign influences.  Social media and online forums are increasingly exploited by these actors to influence and spread violent extremist narratives and activity.  Such threats also are exacerbated by the impacts from the ongoing global pandemic.

 

Duration

Issued:  May 14, 2021 02:00 pm
Expires:  August 13, 2021 02:00 pm

Additional Details

  • Violent extremists may seek to exploit the easing of COVID-19-related restrictions across the United States to conduct attacks against a broader range of targets after previous public capacity limits reduced opportunities for lethal attacks.
  • Historically, mass-casualty Domestic Violent Extremist (DVE) attacks linked to racially- or ethnically-motivated violent extremists (RMVEs) have targeted houses of worship and crowded commercial facilities or gatherings. Some RMVEs advocate via social media and online platforms for a race war and have stated that civil disorder provides opportunities to engage in violence in furtherance of ideological objectives.
  • Through 2020 and into 2021, government facilities and personnel have been common targets of DVEs, and opportunistic violent criminals are likely to exploit Constitutionally-protected freedom of speech activity linked to racial justice grievances and police use of force concerns, potentially targeting protestors perceived to be ideological opponents.
  • Ideologically-motivated violent extremists fueled by perceived grievances, false narratives, and conspiracy theories continue to share information online with the intent to incite violence. Online narratives across sites known to be frequented by individuals who hold violent extremist ideologies have called for violence against elected officials, political representatives, government facilities, law enforcement, religious or commercial facilities, and perceived ideologically-opposed individuals.
  • The use of encrypted messaging by lone offenders and small violent extremist cells may obscure operational indicators that provide specific warning of a pending act of violence.
  • Messaging from foreign terrorist organizations, including al-Qa‘ida and ISIS, intended to inspire U.S.-based homegrown violent extremists (HVEs) continues to amplify narratives related to exploiting protests. HVEs, who have typically conducted attacks against soft targets, mass gatherings, and law enforcement, remain a threat to the Homeland.
  • Nation-state adversaries have increased efforts to sow discord. For example, Russian, Chinese and Iranian government-linked media outlets have repeatedly amplified conspiracy theories concerning the origins of COVID-19 and effectiveness of vaccines; in some cases, amplifying calls for violence targeting persons of Asian descent.
  • DHS encourages law enforcement and homeland security partners to be alert to these developments and prepared for any effects to public safety. Consistent with applicable law, state, local, tribal, and territorial (SLTT) law enforcement organizations should maintain situational awareness of online and physical activities that may be related to an evolving threat of violence.

How We Are Responding

  • DHS and the Federal Bureau of Investigation (FBI) continue to provide guidance to SLTT partners about the current threat environment. Specifically, DHS has issued numerous intelligence assessments to SLTT officials on the evolving threat.
  • DHS is collaborating with industry partners to identify and respond to those individuals encouraging violence and attempting to radicalize others through spreading disinformation, conspiracy theories, and false narratives on social media and other online platforms.
  • DHS has prioritized combatting DVE threats within its FEMA grants as a National Priority Area.
  • DHS remains committed to identifying and preventing domestic terrorism.

How You Can Help

Be Prepared and Stay Informed

  • Be prepared for any emergency situations and remain aware of circumstances that may place your personal safety at risk.
  • Maintain digital media literacy to recognize and build resilience to false and harmful narratives.
  • Make note of your surroundings and the nearest security personnel.
  • Business owners should consider the safety and security of customers, employees, facilities, infrastructure, and cyber networks.
  • Government agencies will provide details about emerging threats as information is identified. The public is encouraged to listen to local authorities and public safety officials.

If You See Something, Say Something®. Report suspicious activity to local law enforcement or call 911.

 

Looks Like Law Enforcement Actually Shutdown DarkSide

Posted on by

A big hat tip to the work of law enforcement but which agency remains unknown at this point.

Shutting down the servers of DarkSide is a great achievement but not before there were other victims such as Toshiba.

A Toshiba Corp (6502.T) unit said it was hacked by the DarkSide ransomware group, overshadowing an announcement of a strategic review for the Japanese conglomerate under pressure from activist shareholders to seek out suitors.

Toshiba Tec Corp (6588.T), which makes products such as bar code printers and is valued at $2.3 billion, was hacked by DarkSide – the group widely believed to be behind the recent Colonial Pipeline attack, its French subsidiary said.

From Krebs:

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The crime gang announced it was closing up shop after its servers were seized and someone drained the cryptocurrency from an account the group uses to pay affiliates.

“Servers were seized (country not named), money of advertisers and founders was transferred to an unknown account,” reads a message from a cybercrime forum reposted to the Russian OSINT Telegram channel.

“A few hours ago, we lost access to the public part of our infrastructure,” the message continues, explaining the outage affected its victim shaming blog where stolen data is published from victims who refuse to pay a ransom.

“Hosting support, apart from information ‘at the request of law enforcement agencies,’ does not provide any other information,” the DarkSide admin says. “Also, a few hours after the withdrawal, funds from the payment server (ours and clients’) were withdrawn to an unknown address.”

DarkSide organizers also said they were releasing decryption tools for all of the companies that have been ransomed but which haven’t yet paid.

“After that, you will be free to communicate with them wherever you want in any way you want,” the instructions read.

The DarkSide message includes passages apparently penned by a leader of the REvil ransomware-as-a-service platform. This is interesting because security experts have posited that many of DarkSide’s core members are closely tied to the REvil gang.

The REvil representative said its program was introducing new restrictions on the kinds of organizations that affiliates could hold for ransom, and that henceforth it would be forbidden to attack those in the “social sector” (defined as healthcare and educational institutions) and organizations in the “gov-sector” (state) of any country. Affiliates also will be required to get approval before infecting victims.

The new restrictions came as some Russian cybercrime forums began distancing themselves from ransomware operations altogether. On Thursday, the administrator of the popular Russian forum XSS announced the community would no longer allow discussion threads about ransomware moneymaking programs.

“There’s too much publicity,” the XSS administrator explained. “Ransomware has gathered a critical mass of nonsense, bullshit, hype, and fuss around it. The word ‘ransomware’ has been put on a par with a number of unpleasant phenomena, such as geopolitical tensions, extortion, and government-backed hacks. This word has become dangerous and toxic.”

In a blog post on the DarkSide closure, cyber intelligence firm Intel 471 said it believes all of these actions can be tied directly to the reaction related to the high-profile ransomware attacks covered by the media this week.

“However, a strong caveat should be applied to these developments: it’s likely that these ransomware operators are trying to retreat from the spotlight more than suddenly discovering the error of their ways,” Intel 471 wrote. “A number of the operators will most likely operate in their own closed-knit groups, resurfacing under new names and updated ransomware variants. Additionally, the operators will have to find a new way to ‘wash’ the cryptocurrency they earn from ransoms. Intel 471 has observed that BitMix, a popular cryptocurrency mixing service used by Avaddon, DarkSide and REvil has allegedly ceased operations. Several apparent customers of the service reported they were unable to access BitMix in the last week.”

***

“The funds, which the Darkside gang was supposed to split between itself and its affiliates (the threat actors who breach networks and deploy the ransomware), were transferred to an unknown wallet, Darksupp said.” reported TheRecord.

The news was revealed by a member of REvil ransomware gang, known as ‘UNKN,’ in a forum post on the Exploit hacking forum. The post was first spotted by Recorded Future researcher Dmitry Smilyanets, it includes a message allegedly from DarkSide explaining how the gang lost access to their blog, payment servers, and DDoS servers as a result of an action conducted by law enforcement action. source

Darkside

“Since the first version, we have promised to speak honestly and openly about problems. A few hours ago, we lost access to the public part of our infrastructure, namely:

  • Blog.
  • Payment server.
  • DOS servers.”

reads the post from UNKN. “Now these servers are unavailable via SSH, the hosting panels are blocked. Hosting support, apart from information “at the request of law enfocement agencies”, does not provide any other information.”