19 June 21, 06:34
(This post was last modified: 19 June 21, 06:35 by silversurfer.)
Quote: Several organizations in the oil, gas and food sectors have received threatening emails from cybercriminals posing as DarkSide – the ransomware gang behind the Colonial Pipeline hack.
According to researchers at Trend Micro, threat actors are taking advantage of the notoriety around the pipeline ransomware incident and the DarkSide name, in order to mount a fear-based social-engineering campaign.
The emails warn targets that the group has successfully hacked the recipient’s enterprise network and lifted sensitive information, which will be disclosed publicly if a ransom of 100 Bitcoin (BTC) is not paid. That’s roughly $3.8 million, given the exchange rate at press time.
That somewhat dovetails with the DarkSide playbook of double extortion – however, not all is as it seems, according to Trend Micro.
“The content used on the emails has led us to believe that they did not come from the said threat group, but from an opportunistic low-level attacker trying to profit off the current situation around DarkSide ransomware activities,” researchers said, in a Thursday blog post.
Read more: Faux ‘DarkSide’ Gang Takes Aim at Global Energy, Food Sectors | Threatpost