Security News > 2021 > June > Faux ‘DarkSide’ Gang Takes Aim at Global Energy, Food Sectors
Several organizations in the oil, gas and food sectors have received threatening emails from cybercriminals posing as DarkSide - the ransomware gang behind the Colonial Pipeline hack.
"The content used on the emails has led us to believe that they did not come from the said threat group, but from an opportunistic low-level attacker trying to profit off the current situation around DarkSide ransomware activities," researchers said, in a Thursday blog post.
The campaign cast a wide, global net: It affected Japan the most, followed by a tier of several other countries: Argentina, Australia, Canada, India and the U.S. The rest of the affected countries include China, Colombia, Mexico, Netherlands, Thailand and the U.K. "Even so, it appears that the DarkSide doppelganger is striking out - likely due to the lack of any encryption and the questionable email details:"As of writing, the said wallets have not received or sent any Bitcoin payment," researchers said.
Based on the telemetry data, it seems the threat actor is zeroing in with laser-like focus on the energy and food industries, with all of the targets encompassed in these sectors, researchers noted.
"In the aftermath, an attack's impact could raise fears about food and/or energy security, triggering panic buying as the public worries about possible spikes in prices that could be caused by the attack."
The energy and food sectors are among the most-targeted by cybercriminals of all stripes, including real ransomware gangs, the firm added - but it goes without saying that organizations should always verify the validity of any threat before taking any action when faced with a threatening notice.