Ransomware attackers said to be based in Russia
The U.S. Department of State is offering rewards for information concerning the DarkSide ransomware cybercriminals. A $10M USD bounty goes to anyone with information on the location of or that identifies DarkSide leaders. Another $5M is offered for information about any person who participates in a DarkSide ransomware attack.
“The Department manages the TOCRP in close coordination with our federal law enforcement partners as part of a whole of a government effort to disrupt and dismantle transnational organized crime globally, including cybercrime,” says a press release from the Department of State newsroom.
DarkSide Ransomware Attacks
DarkSide Ransomware was used in the well-known Colonial Pipeline ransomware attack. The incident happened in May 2021. Colonial shut down its IT systems and fuel pipeline operations for about a week until the situation was resolved. Contrary to the advice given by the US Federal Bureau of Investigations (FBI), Colonial opted to pay the ransom to regain control of its systems.
The FBI was able to recover part of the ransom money from cryptocurrency wallets used for money laundering.
The hackers behind the attack have since disappeared and ceased operations.
This reward is offered as part of the Department of State’s Transnational Organized Crime Rewards Program (TOCRP). TOCRP is an effort to fight organized crime. The Department has paid more than $135 million in rewards under the program.