From the Greed makes you stupid files:
The Colonial Pipeline Ransomware Hackers Had a Secret Weapon: Self-Promoting Cybersecurity Firms
Five months before DarkSide attacked the Colonial pipeline, two researchers discovered a way to rescue its ransomware victims. Then an antivirus company’s announcement alerted the hackers.
On Jan. 11, antivirus company Bitdefender said it was “happy to announce” a startling breakthrough. It had found a flaw in the ransomware that a gang known as DarkSide was using to freeze computer networks of dozens of businesses in the U.S. and Europe. Companies facing demands from DarkSide could download a free tool from Bitdefender and avoid paying millions of dollars in ransom to the hackers.
[Pro tip: When you find a flaw in the enemy's defensive or offensive capacity, don't fucking tell them.]
But Bitdefender wasn’t the first to identify this flaw. Two other researchers, Fabian Wosar and Michael Gillespie, had noticed it the month before and had begun discreetly looking for victims to help. By publicizing its tool, Bitdefender alerted DarkSide to the lapse, which involved reusing the same digital keys to lock and unlock multiple victims. The next day, DarkSide declared that it had repaired the problem, and that “new companies have nothing to hope for.”
“Special thanks to BitDefender for helping fix our issues,” DarkSide said. “This will make us even better.”
[Pro tip # 2: When your idiot enemy tells you their secrets, don't fucking thank them. DarkSide would have done much better to simply let BitDefender keep running it mouth.
Jeebus, people!]
[This whole episode just goes to show: Hackers (on either side) aren't necessarily clever people; they're just people with very specific skills.]