Last month the group behind it ransomwarea DarkSide it attacked the Colonial Pipeline, the largest oil pipeline in the United States. The attack was so severe that it closed 8,850 kilometers of oil pipelines along the east coast of the United States.
Soon group faced the consequences wrong choice of goal: Police confiscated her servers and reclaimed a ransom paid by Colonial Pipeline. Then the group decided to stop working, and that was officially the end of the DarkSide ransomware.
However, they are now researchers at Trend Micro discovered that someone was pretending to be a DarkSide gang and trying to take money from companies in the energy and food industries.
According to the researchers, the attacker (or group) sends emails to companies starting with “Hello, this is DarkSide …”, claiming that they hacked their servers and accessed sensitive data. The fake DarkSide in the email demands a ransom of 100 BTC ($ 4 million) threatening to publish the stolen data if their demands are not met.
However, unlike the DarkSide ransomware group, this group does not offer any evidence of hacking or sample data that it claims was stolen. It should be noted that DarkSide had its own website for publishing evidence of hacking or data leaks.
In addition, the researchers say there is no encryption that was common for DarkSide ransomware attacks, indicating that someone is trying to make money quickly and a lot using the fact that the real DarkSide group has disappeared without a trace.
In addition, fraudsters in emails sent to victims take responsibility for the ransomware attack on JBS, although it is known that the attack was carried out REvil (Sodinokibi).
JBS is the world’s largest meat processing company based in Brazil, which suffered a ransomware attack on May 30, 2021. The company was forced to pay the REvil group a ransom of $ 11 million in bitcoins.
Researchers advise companies that if they receive an email in which someone claims to be DarkSide, the best solution is to ignore it.
Source: Informacija.rs by www.informacija.rs.
*The article has been translated based on the content of Informacija.rs by www.informacija.rs. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!