The United States (US) Department of State has announced a reward offer of up to $10 million for information that can help identify or track any individual(s) who hold(s) a key leadership position in the DarkSide ransomware variant transnational organised crime group.
Additionally, the Department is also offering a reward offer of up to $5 million “for information leading to the arrest and/or conviction in any country of any individual conspiring to participate in or attempting to participate in a DarkSide variant ransomware incident,” it said in an official release.
The reward has been announced in light of the Colonial Pipeline Company ransomware incident in May 2021, which had led to the company’s decision to proactively and temporarily shut down the 5,500-mile pipeline that carries 45 per cent of the fuel used on the East Coast of the US. THe group had been responsible for the attack
“In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cyber criminals. The United States looks to nations who harbor ransomware criminals that are willing to bring justice for those victim businesses and organizations affected by ransomware,” the Department said in a statement.
This reward is offered under the Department of State’s Transnational Organized Crime Rewards Program (TOCRP).
The Darkside ransomware group had gone dark earlier this year, shortly after its servers were hacked. As cyber experts believe, the group later rebranded as BlackMatter. BlackMatter had the orchestrated an attack on Japanese technology giant Olympus in September and “multiple” critical infrastructure of organisations, including two companies in the food and agriculture sector in the US, as per a TechCrunch report.
“The political response to the Colonial Pipeline attack saw two of the most influential underground forums- XSS and Exploit- announce a ban on ransomware advertisements,” cybersecurity firm McAfee had said in a recent report.
“It also appeared to cause the DarkSide ransomware group to abruptly halt its operations, though McAfee Enterprise strongly believes its silence, at the same time the BlackMatter group appeared, is more than coincidental, especially as it mirrors the same move made before and after REvil’s period of silence. Despite these notable shifts in behavior, McAfee Enterprise’s global threat network identified a surge in DarkSide attacks from the group upon legal services, wholesale, and manufacturing targets in the United States,” it had said.
BlackMatter group earlier this had said that it was also ceasing operations owing to pressure from law enforcement agencies, according to a TechCrunch report.
The group had announced its plans to shut down via a message posted on its ransomware-as-a-service (RaaS) portal, as per the report.