Securonix Threat Labs Initial Coverage Advisory: Darkside Ransomware Targeting Critical Infrastructure Providers

Threat Research

Securonix Threat Labs R&D/Securonix Threat Research team has been actively monitoring and investigating the details of the critical targeted Darkside ransomware attacks (tracked by Securonix Threat Research as RE$HOOD) with some of the recent victims including Colonial Pipeline Networks, and many others.

Darkside/RE$HOOD is an active malicious ransomware operator (MRO) that also offers a ransomware-as-a-service (RaaS) affiliate program. Securonix Threat Research has observed at least 64 victims being exploited by Darkside/RE$HOOD MRO or its affiliates since January 2021.