DarkSide doppelganger targets energy, food industries

June 18, 2021
Trend Micro researchers found that cybercriminals impersonating the DarkSide ransomware gang, which perpetrated the Colonial Pipeline hack, have been sending threatening emails to numerous organizations in the energy and food industries, reports Threatpost.

The emails warn the targeted organizations that the threat actors will disclose their successful enterprise network hacks and exfiltration of sensitive data unless the organizations pay 100 Bitcoin, or nearly $3.8 million. Despite the similarities between the emails and the double extortion technique employed by DarkSide, Trend Micro said that the new attacks have been perpetrated by a doppelganger of the group, as indicated by the emails' lack of proof of stolen data and mistakes in attribution.

"The content used on the emails has led us to believe that they did not come from the said threat group, but from an opportunistic low-level attacker trying to profit off the current situation around DarkSide ransomware activities," said researchers.
Jill Aitoro

SC Media Editor in Chief Jill Aitoro has 20 years of experience editing and reporting on technology, business and policy. She also serves as editorial director at SC Media’s parent company, CyberRisk Alliance. Prior to joining CRA, she worked at Sightline Media as editor of Defense News and executive editor of the Business-to-Government Group. She previously worked at Washington Business Journal and Nextgov, covering federal technology, contracting and policy, as well as CMP Media’s VARBusiness and CRN and Penton Media’s iSeries News.
