According to a study by security firm Trend Micro, a phoney outfit posing as the DarkSide ransomware gang is extorting ransoms from companies in the food and energy sectors by sending fraudulent emails. So yet, none of the victims have identified any kind of breach. The attackers alleged that the victims’ networks have been hacked in the email, and then demand a ransom payment of 100 bitcoins ($3.6 million). The hackers threaten to release information if the victims do not pay the ransom. According to Trend Micro, the continuing email campaign began on June 4, with the perpetrators sending bogus ransom letters to victims in the food and energy industries.
However, Trend Micro warns that the organization
“Darkside has always been able to show proof that they obtained stolen sensitive data. They also lead their targets to a website hosted on the Tor network,” Trend Micro notes. “However, in this campaign, the email does not mention anything about proving that they have indeed obtained confidential or sensitive information. The content used in the emails has led us to believe that they did not come from the said threat group, but from an opportunistic low-level attacker trying to profit off the current situation around DarkSide ransomware activities.” looks to be a fake DarkSide group as none of the email recipients reported any network intrusion, and the bitcoin wallet indicated in the ransom message has not received or delivered any Bitcoin payment.
According to the research, Japan was the country with the most casualties, next inline Australia, the United States, Argentina, Canada, and India. It operates in China, Colombia, Mexico, the Netherlands, Thailand, and the United Kingdom.