Cybercriminals threaten oil, gas and food companies posing as DarkSide
A number of organizations in the oil, gas and food sectors have received threatening emails from cybercriminals posing as DarkSide.
According to researchers at Trend Micro, attackers are using the notorious DarkSide ransomware to launch a socially engineered intimidation campaign.
In emails, criminals warn victims that the group has successfully compromised their corporate network and stolen confidential information. The stolen data will be publicly available unless the company pays a ransom of 100 bitcoins (roughly $ 3.8 million).
DarkSide usually provides evidence of confidential data theft, but in a recent campaign, scammers did not provide such guarantees. The campaign organizers also made the mistake of mentioning in emails alleged previous DarkSide attacks, which have recently become popular in news headlines. So, the letters indicate an attack on the world’s largest meat producer JBS, but the incident was associated with the REvil group (Sodinokibi), and not with DarkSide.
As noted by experts, DarkSide operators usually demand from $ 200 thousand to $ 2 million, and not nearly $ 4 million, featured in the recent campaign.
The campaign sent emails to businesses in Japan, Argentina, Australia, Canada, India and the United States, China, Colombia, Mexico, the Netherlands, Thailand and the United Kingdom.
Catch up on more articles here
Follow us on Twitter here