DarkSide ransomware explained: How it works and who is behind it

CSO Online

Lucian Constantin

DarkSide is a ransomware threat that has been in operation since at least August 2020 and was used in a cyberattack against Georgia-based Colonial Pipeline, leading to a major fuel supply disruption along the East Coast of the US. The malware is offered as a service to different cybercriminals through an affiliate program and, like other prolific ransomware threats, employs double extortion that combines file encryption with data theft and is deployed on compromised networks using manual hacking techniques.

In a recent report, researchers from threat intelligence firm Flashpoint said they believe "that the threat actors behind DarkSide ransomware are of Russian origin and...
