Hackers from Russia linked to Colonial Pipeline attack via ransomware
A major American company, Colonial Pipeline, was hit by a ransomware virus that stole about 100 GB of data and blocked computer systems. Colonial Pipeline provides fuel for about 45% of the population on the U.S. East Coast; as a result of the attack, the pipeline’s operations have been disrupted.
According to Bloomberg, the incident occurred late last week, and the attack is suspected to have been carried out by hackers from the DarkSide group.
The attackers are employing a double extortion tactic — they demand a ransom from Colonial Pipeline both for decrypting the compromised files and for ensuring that the stolen information does not reach the network.
CNN, citing a former U.S. administration official who worked in cybersecurity, says that DarkSide may be linked to Russia. According to the press, the group typically does not attack Russian-speaking countries.
In response to the attack on Colonial Pipeline, the White House formed an interagency task force to prevent fuel-supply disruptions in the country.
DarkSide released a statement that it is apolitical, and asked not to be linked to any government. The group’s representatives stressed that their aim is to “make money, not to cause problems for society”.
Earlier reports stated that the REvil hackers encrypted the files of Taiwanese company Acer and demanded payment of $50 million in Monero cryptocurrency.
Read ForkLog’s Bitcoin news in our Telegram — cryptocurrency news, prices and analytics.
Рассылки ForkLog: держите руку на пульсе биткоин-индустрии!