The U.S. Department of State has announced a reward of up to $10M for information leading to the identification or location of any individual(s) who hold(s) a key leadership position in the DarkSide ransomware variant transnational organized crime group.
DarkSide’s Origins and Ransomware Software
DarkSide is a ransomware-as-a-service platform that was first reported surfacing on Russian language hacking forums in August 2020. It targets big companies, forbidding affiliates from dropping ransomware on organizations in several industries, including healthcare, funeral services, education, public sector, and non-profits. The platform uses tools stolen from the NSA, such as Eternal Blue, to encrypt files and demand a ransom in Bitcoin.
Why Bitcoin?
The use of Bitcoin for ransom payments is a deliberate choice, as each transaction is forever recorded in the blockchain. This creates a permanent and unbreakable record of the transaction, making it difficult to cover up or conceal illicit activities.
Will the Reward Work?
The Department of State’s reward is a significant incentive, but it is unlikely to stop the DarkSide ransomware group entirely. However,