Actors Pretending to Be ‘DarkSide’ Target Large Food and Energy Companies

  • A group of amateur actors is looking to cash in on the reputation of ‘DarkSide.’
  • The actors send emails asking for 100 Bitcoin and threaten to release stolen data if they are not paid.
  • There are no signs of cyberattacks, no proof produced, and even the details mentioned are false.

Such was the impact of the ‘DarkSide’ attack on the Colonial Pipeline that the group gained widespread notoriety across all industries. Crooks don’t like to leave a reputation like that unexploited, so there’s now a group pretending to be ‘DarkSide,’ hoping that this will help them intimidate their victims and convince them to pay the requested ransom.

As reported by Trend Micro, there’s a surge of large companies in the food and energy sectors that say they have received threatening emails from a sender claiming to be ‘DarkSide.’

Source: Trend Micro

The crooks demand the payment of 100 Bitcoin in ransom – otherwise, they threaten to release sensitive information that they supposedly stole during a cyberattack on the recipient’s network. The distribution of these emails began on June 4, 2021, and it’s ongoing. In some cases, the actors have used the contact forms that are available on the company websites, but they were careful enough to use Tor and mask their real IP address.

The largest volume of messages was sent to companies based in Japan, with Australia, the United States, Argentina, Canada, and India following with significant shares too. Japanese companies aren’t easy targets to extort and convince to pay the ransom, so this is a weird choice of focus for these actors. In fact, Trend Micro says the one and only Bitcoin wallet address used in all threatening emails hasn’t received any payments yet.

Source: Trend Micro

The claimed cyberattack isn’t confirmed by anything, be it proof of stolen data or signs of system interruption through ransomware encryption. To make their bogus claims even more obvious, the actors messed up heavily by presenting the recent attack against JBS as their work, whereas this was attributed to REvil, a totally different ransomware group. So, in summary, this is pretty amateurish and very unlikely to convince someone to hand over such a significant amount of money.

Still, this doesn’t mean that it couldn’t be an example for other, more diligent actors to follow, or maybe a method that could be used on a wider scale and against smaller entities that are more likely to get tricked. Right now, all of the bogus emails arrive from either “darkside@99email[.]xyz” or “darkside@solpatu[.]space”, so if you got one, feel free to disregard it.
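
For mail administrators who want to check inbound messages against the two sender addresses above, the following is an added example, not code from Trend Micro or from this article. The list of headers inspected, the "same domain" rule and the sample messages are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

# Sender addresses exactly as the article prints them (defanged).
DEFANGED_SENDERS = ["darkside@99email[.]xyz", "darkside@solpatu[.]space"]

def refang(indicator: str) -> str:
    """Turn a defanged indicator back into a comparable, lower-case address."""
    return indicator.replace("[.]", ".").strip().lower()

SENDERS = {refang(s) for s in DEFANGED_SENDERS}
DOMAINS = {s.rpartition("@")[2] for s in SENDERS}

# Assumption: which headers to inspect is our choice, not from the article.
HEADERS = ("From", "Sender", "Reply-To", "Return-Path")

def match_campaign(raw_message: str) -> list:
    """Return (header, address, reason) for every address tied to the campaign."""
    msg = message_from_string(raw_message)
    hits = []
    for header in HEADERS:
        # getaddresses() separates the display name from the real address,
        # so a display name of "DarkSide" alone never produces a hit.
        for _name, addr in getaddresses(msg.get_all(header, [])):
            addr = addr.strip().lower()
            if addr in SENDERS:
                hits.append((header, addr, "exact sender"))
            elif addr.rpartition("@")[2] in DOMAINS:
                # Assumption: other mailboxes on these domains are worth review.
                hits.append((header, addr, "same domain"))
    return hits

# Constructed sample messages (not real campaign emails).
SAMPLES = {
    "direct": "From: DarkSide <darkside@99email.xyz>\nSubject: notice\n\nbody\n",
    "reply_to": "From: Web Form <noreply@example.com>\n"
                "Reply-To: DarkSide@Solpatu.Space\n\nbody\n",
    "other_box": "From: team <contact@99email.xyz>\n\nbody\n",
    "name_only": "From: DarkSide <billing@example.org>\n\nbody\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, match_campaign(raw))
```

Messages submitted through a website contact form, which the article says the actors also used, may carry the claimed address only in a form field, so they need a check on the form data rather than on mail headers.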
