Ransomware

DarkSide

First seen: 2020-08 • Status: inactive

DarkSide attacked Colonial Pipeline and caused gas shortages across the eastern US. The FBI got back most of the ransom money.

Overview

DarkSide is infamous for the Colonial Pipeline attack that caused fuel shortages in the US. The group shut down after the FBI seized part of the ransom.

Also Known As

DarkSide Ransomware

How It Spreads

  • RDP exploitation
  • VPN vulnerabilities
  • Phishing

What It Does

  • File encryption
  • Data theft
  • Critical infrastructure targeting

Target Platforms

Windows, Linux

Detection Tips

  • Historical threat - evolved into BlackMatter

MITRE ATT&CK Techniques

T1486, T1567

If You're Infected

  1. Decryptors available for some versions

Related Malware

BlackMatter, REvil
