One leaked password was enough – this is how the Internet blackmailers struck caused fuel chaos

The largest fuel distribution line in the United States had to be shut down in early May due to a blackmail malware attack. Victim Colonial Pipeline According to a security company expert who assisted the company, the attackers entered a dark network with a leaked password.

Security company Mandiantin deputy director Charles Carmakal said in an interview To Bloomberg, attackers could access remotely via a vpn connection. The vpn user account used by the attackers was no longer actively in use at the time of the attack, but its credentials still allowed access to the company’s systems.

The password used to log in has been found among the passwords leaked to the dark network. It is likely that the employee has used the same password in another service that was previously hacked.

That user has not had two-step authentication, so the blackmailers logged in with just a username and password. It is not known how the attackers found out the correct username. No traces of the fishing on that worker have been found.

The attackers entered the systems on April 29th. More than a week later, on May 7, at five o’clock in the morning, one of the employees noticed a ransom demand on the control room computer screen. The matter was reported to the supervisor and shortly after six in the morning the entire distribution line was closed.

Source: Tivi by

*The article has been translated based on the content of Tivi by If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!