Beautiful Virgin Islands

Wednesday, Aug 27, 2025

Infamous DarkSide ransomware reborn as new cyber threat: reports

Infamous DarkSide ransomware reborn as new cyber threat: reports

BlackMatter says it has the 'best features' of Colonial Pipeline hackers DarkSide, plus other kinds of ransomware

A new cyber gang is in town – and tapping into the best features of ransomware used in the Colonial Pipeline attack.

That new gang, BlackMatter, is upfront about its origins, stating that it has "incorporated" the "best features" of DarkSide and two other kinds of ransomware, REvil and Lockbit, according to a statement from the BlackMatter group as noted by cybersecurity company Recorded Future.

DarkSide was identified by the U.S. government as the ransomware responsible for the Colonial Pipeline attack, which resulted in the shutdown of a major pipeline supplying fuel to the U.S. East Coast.

A man leaves a Murrphy Oil gas station as pumps are seen out of gas, Tuesday, May 11, 2021, in Kennesaw, Ga. after Colonial Pipeline halted operations because of a cyberattack.


After the attack, DarkSide posted a statement saying it was ending operations.

Enter BlackMatter, which is now active on cybercrime forums.

"They’re not advertising their ransomware, however; they are recruiting affiliates…who have access to hacked enterprise networks," according to Malwarebytes. The BlackMatter ads state that it's seeking hacked access to corporate networks in Australia, Canada, the UK and the U.S.

Other requirements for corporations they target include revenue of at least $100 million and 500-15,000 hosts in the network, Recorded Future said.

Like other successful ransomware operations, BlackMatter is run as a business, dubbed Ransomware-as-a-service or RaaS, a knockoff of legitimate business models such as SaaS or software-as-a-service.

Cybersecurity news site Bleeping Computer reported attacks are happening already.

On their own site, BlackMatter says it won’t target certain industries including hospitals, critical infrastructure, the defense industry and the government sector, according to Malwarebytes.

That’s similar to past statements from DarkSide.

"Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future," the DarkSide group said back in May.

But there may be more practical reasons for this. "Almost as if to say that they are keenly aware of the danger that comes from pulling off internationally-recognized attacks," Malwarebytes said.

In June, the Department of Justice said that it had seized Bitcoin valued at approximately $2.3 million from the DarkSide gang. Those funds represented a ransom payment for the Colonial Pipeline ransomware attack.

Newsletter

Related Articles

Beautiful Virgin Islands
0:00
0:00
Close
Manhunt in Australia: Armed Anti-Government Suspect Kills Police Officers Sent to Arrest Him
China Launches World’s Most Powerful Neutrino Detector
How Beijing-Linked Networks Shape Elections in New York City
Ukrainian Refugee Iryna Zarutska Fled War To US, Stabbed To Death
Elon Musk Sues Apple and OpenAI Over Alleged App Store Monopoly
2 Australian Police Shot Dead In Encounter In Rural Victoria State
Vietnam Evacuates Hundreds of Thousands as Typhoon Kajiki Strikes; China’s Sanya Shuts Down
UK Government Delays Decision on China’s Proposed London Embassy Amid Concerns Over Redacted Plans
A 150-Year Tradition to Be Abolished? Uproar Over the Popular Central Park Attraction
A new faith called Robotheism claims artificial intelligence isn’t just smart but actually God itself
Deputy Prime Minister Angela Rayner Purchases Third Property Amid Housing Tax Reforms Debate
HSBC Switzerland Ends Relationships with Over 1,000 Clients from Saudi Arabia, Lebanon, Qatar, and Egypt
Sharia Law Made Legally Binding in Austria Despite Warnings Over 'Incompatible' Values
Italian Facebook Group Sharing Intimate Images Without Consent Shut Down Amid Police Investigation
Dutch Foreign Minister Resigns Amid Deadlock Over Israel Sanctions
Trump and Allies Send Messages of Support to Ukraine on Independence Day Amid Ongoing Conflict
China Reels as Telegram Chat Group Shares Hidden-Camera Footage of Women and Children
Sam Nicoresti becomes first transgender comedian to win Edinburgh Comedy Award
Builders uncover historic human remains in Lancashire house renovation
Australia Wants to Tax Your Empty Bedrooms
MotoGP Cameraman Narrowly Avoids Pedro Acosta Crash at Hungarian Grand Prix
FBI Investigates John Bolton Over Classified Documents in High-Profile Raids
Report reveals OpenAI pitched national ChatGPT Plus subscription to UK ministers
Labour set to freeze income tax thresholds in long-term 'stealth' tax raid
Coca‑Cola explores sale of Costa coffee chain
Trial hears dog walker was chased and fatally stabbed by trio
Restaurateur resigns from government hospitality council over tax criticism
Spanish City funfair shut after serious ride injury
Suspected arson at Ilford restaurant leaves three in critical condition
Tottenham beat Manchester City to go top of Premier League
Bank holiday heatwave to hit 30°C before remnants of Hurricane Erin arrive
UK to deploy immigration advisers to West Africa to block fake visas
Nurse who raped woman continued working for a year despite police alert
Drought forces closures of England’s canal routes, canceling boat holidays
Sweet tooth scents: food-inspired perfumes surge as weight-loss drugs suppress appetites
Experts warn Britain dangerously reliant on imported food
Family of Notting Hill Carnival murder victim call event unmanageable
Bunkers, Billions and Apocalypse: The Secret Compounds of Zuckerberg and the Tech Giants
Ukraine Declares De Facto War on Hungary and Slovakia with Terror Drone Strikes on Their Gas Lifeline
Animated K-pop Musical ‘KPop Demon Hunters’ Becomes Netflix’s Most-Watched Original Animated Film
New York Appeals Court Voids Nearly $500 Million Civil Fraud Penalty Against Trump While Upholding Fraud Liability
Elon Musk tweeted, “Europe is dying”
Far-Right Activist Convicted of Incitement Changes Gender and Demands: "Send Me to a Women’s Prison" | The Storm in Germany
Hungary Criticizes Ukraine: "Violating Our Sovereignty"
Will this be the first country to return to negative interest rates?
Child-free hotels spark controversy
North Korea is where this 95-year-old wants to die. South Korea won’t let him go. Is this our ally or a human rights enemy?
Hong Kong Launches Regulatory Regime and Trials for HKD-Backed Stablecoins
China rehearses September 3 Victory Day parade as imagery points to ‘loyal wingman’ FH-97 family presence
Trump Called Viktor Orbán: "Why Are You Using the Veto"
×