DarkSide Ransomware Gang Extorted $90 Million from A number of Victims in 9 Months

DarkSide Ransomware

DarkSide, the hacker group behind the Colonial Pipeline ransomware attack earlier this month, obtained $90 million in bitcoin funds following a nine-month ransomware spree, making it some of the worthwhile cybercrime teams.

“In whole, simply over $90 million in bitcoin ransom funds had been made to DarkSide, originating from 47 distinct wallets,” blockchain analytics agency Elliptic said. “In accordance with DarkTracer, 99 organisations have been contaminated with the DarkSide malware – suggesting that roughly 47% of victims paid a ransom, and that the typical cost was $1.9 million.”

Of the full $90 million haul, the DarkSide’s developer is claimed to have obtained $15.5 million in bitcoins, whereas the remaining $74.7 million was cut up amongst its varied associates. FireEye’s analysis into DarkSide’s associates program had previously revealed that its creators take a 25% lower for funds underneath $500,000 and 10% for ransoms above $5 million, with the lion’s share of the cash going to the recruited companions.

password auditor

Elliptic co-founder and chief scientist Dr. Tom Robinson mentioned the “cut up of the ransom cost could be very clear to see on the blockchain, with the totally different shares going to separate Bitcoin wallets managed by the affiliate and developer.”

DarkSide, which went operational in August 2020, is only one of many teams that operated as a service supplier for different risk actors, or “associates,” who used its ransomware to extort targets in trade for a lower of the earnings, however not earlier than threatening to launch the info — a tactic often known as double extortion.

However in a sudden flip of occasions, the prolific cybercrime cartel final week announced plans to wind up its Ransomware-as-a-Service (RaaS) associates program for good, claiming that its servers had been seized by regulation enforcement. Its bitcoin pockets was additionally emptied to an unknown account.

The fallout from the most important identified cyberattack on U.S. vitality trade is barely the newest instance of how a spate of ransomware incidents are more and more affecting the operations of essential infrastructure and rising a nationwide safety risk. The occasions have additionally turned the highlight on implementing essential methods to make sure important capabilities stay operational within the occasion of a major cyber disruption.

Source link