DarkSide Ransomware Group

The U.S. government on Thursday announced a $10 million reward for information that may lead to the identification or location of key individuals who hold leadership positions in the DarkSide ransomware group or any of its rebrands.

On top of that, the State Department is offering bounties of up to $5 million for intel and tip-offs that could result in the arrest and/or conviction in any country of individuals who are conspiring or attempting to participate in intrusions affiliated with the transnational organized crime syndicate.

Automatic GitHub Backups

"In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cyber criminals," the State Department said in a statement. "The United States looks to nations who harbor ransomware criminals that are willing to bring justice for those victim businesses and organizations affected by ransomware."

darkside ransomware note

The development comes in response to DarkSide's high-profile attack on Colonial Pipeline in May 2021, taking down the largest fuel pipeline in the U.S. and disrupting fuel supply to the East Coast for roughly a week, after the hackers managed to gain entry into the company's networks using a compromised virtual private network (VPN) account password that was circulating in the dark web.

Prevent Data Breaches

The ensuing heightened scrutiny in the wake of the attacks led to the DarkSide group shuttering its operations on May 17, citing a mysterious law enforcement seizure of its online attack infrastructure. The cartel has since attempted to resurrect itself in the form of BlackMatter, only for it to close shop a second time owing to pressure from local authorities and the disappearance of a part of its members last month.

While it's common for ransomware gangs to go underground, regroup, and reincarnate, often under a new name, law enforcement agencies in the U.S., Europe, and Asia have sought to crack down on the criminal actors and blunt the impact of their operations in various ways, forcing the cybercriminals to cease operations over fears of being outed and arrested.


Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.