Colonial Pipeline hackers had ransomware secret weapon

Posted By : Rina Latuperissa
30 Min Read

[ad_1]

This article was originally published as part of a series by ProPublica, a nonprofit newsroom that investigates abuses of power. Sign up to receive its biggest stories as soon as they’re published. The story was co-published with MIT Technology Review.

On January 11, antivirus company Bitdefender said it was “happy to announce” a startling breakthrough. It had found a flaw in the ransomware that a gang known as DarkSide was using to freeze computer networks of dozens of businesses in the US and Europe. Companies facing demands from DarkSide could download a free tool from Bitdefender and avoid paying millions of dollars in ransom to the hackers.

But Bitdefender wasn’t the first to identify this flaw. Two other researchers, Fabian Wosar and Michael Gillespie, had noticed it the month before and had begun discreetly looking for victims to help. By publicizing its tool, Bitdefender alerted DarkSide to the lapse, which involved reusing the same digital keys to lock and unlock multiple victims. The next day, DarkSide declared that it had repaired the problem, and that “new companies have nothing to hope for.”

“Special thanks to BitDefender for helping fix our issues,” DarkSide said. “This will make us even better.”

DarkSide soon proved it wasn’t bluffing, unleashing a string of attacks. This month, it paralyzed the Colonial Pipeline Co, prompting a shutdown of the 5,500-mile pipeline that carries 45% of the fuel used on the US East Coast, quickly followed by a rise in gasoline prices, panic buying of gas across the Southeast and closures of thousands of gas stations.

[ad_2]

Source link

Share This Article
Leave a comment