The hacker group DarkSide claimed on Wednesday to have attacked three more companies, despite the global outcry over its attack on Colonial Pipeline this week, which has caused shortages of gasoline and panic buying on the East Coast of the U.S.
Over the past 24 hours, the group posted the names of three new companies on its site on the dark web, called DarkSide Leaks. The information posted to the site includes summaries of what the hackers appear to have stolen but do not appear to contain raw data. DarkSide is a criminal gang, and its claims should be treated as potentially misleading.
The post indicates that the group of hackers will not back down in front of the FBI and the US President Joe Biden’s administration’s condemnation of the attack.
It also indicates that the group intends to carry out more ransomware attacks on companies, even after it published a coded message earlier this week indicating regret about the impact of the Colonial pipeline breach and pledging to introduce “adjustments” in order to “avoid social consequences in the future.”
One of the companies is based in the United States, one is in Brazil and the third is in Scotland. None of them appear to engage in critical infrastructure. Each company appears to be small enough that a crippling hack would otherwise fly under the radar if the hackers hadn’t received worldwide notoriety by crippling gasoline supplies in the United States.
The first – based in the United States – is an Illinois-based technology services distributor. Darkside claims to have stolen more than 600 gigabytes of sensitive information, including passwords, financial information, human resources information and passports for its employees.
The Brazilian company is a distributor of renewable energy products, and Darkside says it has more than 400 gigabytes of data on its own, including “customer personal data” and “agreement details.”
As for the Scottish company, which works in the construction industry, Darkside claims it stole 900 gigabytes, including contracts and commercial and personal data dating back 3 years.