The hacking gang behind the Colonial Pipeline attack has started to point the finger at a rival gang – as the FBI launch a major investigation.
Colonial Pipeline transports about 45% of all the fuel consumed on the US East Coast and serves almost 50 million customers.
Colonial Pipeline first acknowledged the ransomware attack by hacker group DarkSide after closing their operations.
With the FBI launching a major search for DarkSide, the gang now appears to be blaming a rival hacking group.
The gang posted a ‘not me guv, honest’ statement on their darknet website: “Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”
The DarkSide gang is a relative newcomer to hacking gangland, emerging in August 2020. The gang primarily strikes targets in English-speaking countries. That the gang avoids companies in the former Soviet Bloc may indicate the gang’s home base.
The gang’s ransom demands range from $200,000 to $2 million. It reportedly has a “code of conduct” that prohibits attacks against hospitals, hospices, schools, universities, nonprofit organizations and government agencies.
DarkSide use both phishing emails and vulnerability exploits to start their attacks. Once the attackers gain a foothold they move persistently through a network.
Network security experts say the company has launched 81 ‘name and shame’ extortion-style attacks since 2020.