
Ransom Group Linked to Colonial Pipeline Hack

Nyakundi Report

Newsroom 2 min read

This archive report was first published on 10 May 2021.

On May 10, 2021, a ransomware group linked to the Colonial Pipeline hack was identified as DarkSide, a group of experienced cybercriminals.

DarkSide is a relatively new group, but its hackers have a long history of digital extortion, with a focus on squeezing out as much money as possible from their targets.

"They're very new but they're very organized," said Lior Div, the chief executive of Boston-based security firm Cybereason.

DarkSide's website on the dark web hints at its hackers' past crimes, claiming they previously made millions from extortion and that having new software does not mean they lack experience.

The group's website also features a Hall of Shame-style gallery of leaked data from victims who haven't paid up, advertising stolen documents from over 80 companies across the United States and Europe.

Reuters was unable to verify the group's claims, but one of the more recent victims featured on its list was Georgia-based rugmaker Dixie Group Inc, which publicly disclosed a digital shakedown attempt affecting "portions of its information technology systems" last month.

DarkSide's targeting of Colonial Pipeline, with its potentially massive knock-on consequences for Americans up and down the Eastern seaboard, may have been a miscalculation, according to Div.

"It's not good for business for them when the U.S. government becomes involved, when the FBI becomes involved," he said.
