DarkSide Ransomware

DarkSide ransomware, first discovered in August 2020, is used to steal sensitive data and then threaten to reveal that data to the public. The most common targets of DarkSide ransomware are high-revenue organizations and companies in English-speaking countries. In this definition, learn about this ransomware attack, its history, and prevention methods.

What Is DarkSide Ransomware?

DarkSide ransomware is associated with the DarkSide group, which operates as ransomware as a service (RaaS). This group is notorious for the double extortion of victims, in which it demands separate ransoms: first to unlock the affected servers or computers, and then to retrieve the stolen data.

Origins of DarkSide Ransomware

The DarkSide hacking group is believed to be based in Eastern Europe or Russia, but their actual whereabouts remain unknown. The group claims to not target hospitals, universities, non-profit organizations, schools, or government institutions.

In fact, DarkSide Group has tried to develop a “Robin Hood” image by claiming to only target wealthy companies and giving some of the ransom money to charity; they often post receipts of their charitable donations.

Their software, DarkSide ransomware, uses an affiliate model in which hackers are given access to DarkSide ransomware to infiltrate a specified target in return for a percentage share of the ransom payment. The hackers are chosen by the DarkSide group through virtual interviews.

What Was the Impact and Aftermath of the DarkSide Ransomware Attacks?

Several different attacks have been perpetrated around the globe using DarkSide ransomware. In May 2021, one of the largest fuel supply companies in the U.S., Colonial Pipeline, was attacked by DarkSide ransomware. Other victims of this ransomware include CompuCom, Discount Car and Truck Rentals, and a Toshiba Tech facility in France.

The ransom demand or the settled amount is often not revealed by the attackers or the victims, but it is estimated that the CompuCom attack cost over $20 million in restoration.

The cryptocurrency security firm Elliptic claims that DarkSide has received payments in excess of $90 million from different victims. The ransom payments are often received through a cryptocurrency wallet to prevent tracking of the funds.

Prevention of DarkSide Ransomware

There are several security measures that can be used to prevent DarkSide ransomware from affecting your business: 

  • Keep strong login credentials
  • Use a secure VPN to access the network
  • Establish separate folders for each user to limit the spread of compromised file access
  • Regularly back up all system and company data
  • Manage security tools and software and keep them up to date

DarkSide ransomware techniques will continue to evolve, so companies and security firms need to keep improving their defensive techniques to prevent such attacks.

Ali Azhar