The Battle Between Ransomware, Researchers, and anti-virus Companies looking for attention
The Colonial pipeline ransomware hackers had a secret weapon: self-promoting cybersecurity firms — MIT Technology Review, Renee Dudley and Daniel Golden, 5/25/2021
This was a really good article on how DarkSide, the cybercrime group behind the Colonial pipeline ransomware attack, was almost stopped by security researchers a few months earlier. However, when security company BitFender publicized DarkSide’s mistake — reusing their RSA keys to encrypt seized files — security researchers lost their advantage. Once DarkSide found out about BitDefender’s discovery, they changed their procedures and changed their keys.