Displaying items by tag: DarkSide

COMPANY NEWS: Cybersecurity company Sophos published its Sophos 2022 Threat Report, detailing how the gravitational force of ransomware’s black hole is pulling in other cyberthreats to form one massive, interconnected ransomware delivery system—with significant implications for IT.

The US Department of State has offered a reward of US$10 million (A$13.5 million) for information leading to the identification of location of any of the leaders of the DarkSide Windows ransomware gang.

Another Windows ransomware group, BlackMatter, appears to have shut down operations, according to a message sent out by the people behind the group.

Security firm Emsisoft has lost the ability to produce keys that could decrypt files encrypted by the BlackMatter Windows ransomware gang, something it has been doing for a while.

A number of Windows ransomware gangs have reacted to the reported takedown of the REvil gang, with one of them, Darkside, now known as BlackMatter, moving some of the bitcoin it holds, according to a statement from the cryptocurrency tracking firm Elliptic.

GUEST RESEARCH: Threats against the manufacturing sector continue to persist—from ransomware groups that steal victim’s data before encrypting it to nation-state attackers seeking technology secrets and to company insiders looking for information to grab and sell to the highest bidder. Crippling ransomware attacks can even halt assembly lines and disrupt supply chains.

Since grabbing headlines in early May, the high profile ransomware incident impacting the US oil pipeline system Colonial Pipeline has attracted significant attention from both media and information security spaces, given the event’s scope and impact.

The chief technology officer of New Zealand-headquartered Emsisoft, a firm well known for its efforts in helping ransomware victims, has poked fun at the "new 'innovative' ways people will claim to be the next big fix for ransomware".

Zscaler's latest ransomware report says manufacturing is the industry most targeted by double-extortion ransomware.

A CIA-backed threat intelligence firm claims the operator of the DarkSide ransomware gang has lost control of its infrastructure after the malware was used to attack the Colonial Pipeline Company in the US which runs the country's biggest petrol pipeline.

ANALYSIS Claims that the Colonial Pipeline Company paid US$5 million as a ransom to the group behind the DarkSide Windows ransomware after it was attacked on 7 May need to be taken with a pinch of salt, seeing as the report was an "exclusive" from Bloomberg.

The affiliate of ransomware operator DarkSide, the Windows malware that was used to attack the US Colonial Pipeline Company, appears to have taken on a target that was outside the parameters set down by the operator, judging from a statement made by the operator on its site on the dark web.

Three days after it suffered a Windows ransomware attack, the Colonial Pipeline Company, which is headquartered in Alpharetta, Georgia, appears to be slowly limping back to resuming operations, though many systems still remain shut.

Cyber security solutions provider Bitdefender has released a decryption tool for the DarkSide ransomware, a malware entity that made its appearance in August last year, and one that can attack only Microsoft's Windows operating system.

Malicious attackers claim to have stolen more than 200GB of data from Brookfield Asset Management, a 121-year-old firm which is headquartered in Toronto, with corporate offices in New York City, London, Rio de Janeiro and Sydney.