Table of Contents
US govt locations up a $10m reward for knowledge on the DarkSide ransomware gang, the group that attacked Colonial Pipeline six months in the past
The US Department of Boom has upped the ante in the Biden administration’s ongoing battle against ransomware operators, asserting a reward of as a lot as $10m (£7.4/€8.7m) for knowledge main to the identification and/or reputation of key individuals of the DarkSide syndicate.
The authorities are additionally providing a 2d bounty of as a lot as $5m for knowledge main to the arrest and/or conviction of any affiliate conspiring to or trying to habits DarkSide ransomware attacks.
“In providing this reward, the usa demonstrates its dedication to defending ransomware victims spherical the globe from exploitation by cyber criminals,” the Boom Department acknowledged in a assertion. “The US looks to nations who harbour ransomware criminals which might perhaps per chance per chance be challenging to bring justice for these victim companies and organisations tormented by ransomware.”
The DarkSide crew, which emerged in 2020 and received a dinky amount of notoriety after trying to donate one of the famous earnings from its crimes to charities, sprung to prominence in Would possibly fair 2021, after it held up CNI operator Colonial Pipeline, forcing the shutdown of a 5,500-mile oil pipeline and disrupting gas offers across the japanese US.
Likely realising that the scale of the Colonial Pipeline hit used to be attracting too grand attention, DarkSide due to the this truth tried to distance itself from the incident and in the kill shut down its ransomware-as-a-provider (RaaS) operation after components of its infrastructure were seized and their bitcoin wallets emptied.
Nonetheless, the end-knit nature of the largely Russia-essentially based mostly ransomware underground suggests the main actors are nearly undoubtedly peaceful active in some ability.
The rewards are supplied beneath an ongoing Transnational Organised Crime Rewards Programme, operated by the Boom Department alongside US regulations enforcement as section of the American citizens’ “whole of govt” components to tackling organised crime.
ESET’s Jake Moore, himself a historical cyber crime investigator for Dorset Police, acknowledged that whereas the scale of the reward on provide can also assist some of us to advance forward, it used to be peaceful a long shot.
“Cyber crime teams usually work in silos with remote capacities the put they enact not even know the honest identities of their colleagues in define to reduce the threat of safe,” he acknowledged. “Many gangs feature online across the darkish net to evade being detected.
“DarkSide is a extraordinarily refined and unhealthy cyber prison group that goes to outrageous lengths to hide its tracks, or even not fabricate any tracks to agree to in the well-known situation. When such tactics leave the FBI struggling to half any clues collectively, it’s not unparalleled to open providing rewards.”
But ImmuniWeb’s Ilia Kolochenko acknowledged the Boom Department used to be making a trim bolt. “Many refined threat actors use multi-layered anonymisation tactics that undermine all efforts to title them by technical or scientific components,” he acknowledged. “Furthermore, forensic procedures can also additionally be prohibitively pricey for underfunded regulations enforcement agencies.
“Nonetheless, cyber criminals are all americans. They’re inclined to the identical human weaknesses as everyone else. They might perhaps also accidentally insist their illicit actions to chums or boast about hacking. At closing, rival hacking teams can also know each various in particular person and perfidiously document their opponents to assassinate money and enlarge their market monopoly,” acknowledged Kolochenko.
“Therefore, starting a worm bounty to unmask cyber criminals is a mountainous and long-awaited conception that can likely bring fruitful outcomes. The strategy desires to be systemised and performed in various international locations as successfully.”
Read more on Hackers and cybercrime prevention
Multi-govt operation targets REvil ransomware group
By: Sebastian Klovig Skelton
US intelligence agencies discipline advisory on BlackMatter gang
By: Sebastian Klovig Skelton
Olympus likely victim of BlackMatter ransomware
By: Alex Scroxton
BlackMatter goes on the document about DarkSide and REvil links
By: Sebastian Klovig Skelton
