The many sides of DarkSide, the group behind the Colonial Pipeline ransomware attack
2021-05-11 17:27

The ransomware group that attacked Colonial Pipeline has in the past tried to donate some of its profits to charity in a twisted take on the tale of Robin Hood.

DarkSide has lately garnered some not especially wanted publicity after the FBI and others blamed the group for the recent ransomware attack against Colonial Pipeline, which forced the company to take down its operations.

In November 2020, DarkSide started hiring its own affiliates to carry out certain phases of an attack, including the initial access to a victim and the execution of the ransom payload. Purely profit-driven, the group is a player in "big game hunting," in which it targets large corporations and organizations, Vladimir Kuskov, head of threat exploration at Kaspersky, told TechRepublic.

Through its affiliate relationships, DarkSide sells its ransomware product to partners, which can then buy access to organizations from other hackers as a way to deploy the actual ransomware.

Why target Colonial Pipeline, an organization that provides a service many would consider vital to society? In fact, DarkSide may be having second thoughts about attacking such a visible entity.

In a new message on its Dark Web site, the group offered a type of apology/explanation, suggesting that one of its partners may have been behind the attack and promising to do a better job vetting potential victims in the future, Bloomberg reported on Monday.


News URL

https://www.techrepublic.com/article/the-many-sides-of-darkside-the-group-behind-the-colonial-pipeline-ransomware-attack/#ftag=RSS56d97e7