Monday, December 6, 2021

A step-by-step analysis of a new version of Darkside Ransomware (Colonial Pipeline attack)


Darkside ransomware is the malware family responsible for the Colonial Pipeline attack on May 7, 2021, as described at The binary contains an encrypted configuration that is decrypted using a custom algorithm, which reveals a 22-byte buffer describing the different actions performed by the malware. These actions include: checking the system language and avoiding to en…

