DarkSide Ransomware Hit a Billion Dollar Toronto Based Company
DarkSide, a new group of ransomware threat actors, has successfully attacked a Toronto, Canada company with its new ransomware. DarkSide reportedly also exfiltrated 200 GB of employee files, finance records, and payroll data, and business plans during the attack.
“If you need proof we are ready to provide you with it,” DarkSide posted on their site.
DarkSide asserts that they stole the information before encrypting the victim company’s IT network with their ransomware. According to a post by Bleeping Computer, their ransom demands range between $200,000 to $2,000,000.
This hacking organization is new to the cyber security researchers. They started attacking organizations earlier this month and claim that they have developed a better ransomware tool.
“We are a new product on the market, but that does not mean that we have no experience and we came from nowhere.
We received millions of dollars profit by partnering with other well-known cryptolockers.
We created DarkSide because we didn’t find the perfect product for us. Now we have it.”
Pressure to Pay
DarkSide is pressuring its victim into paying the ransom by posting the exfiltrated information online. But these threat actors are not the only hacking group that pressures victims with threats of releasing their sensitive information online unless they pay up.
Other hackers develop other tactics to monetize their cyber attacks. Evil Corp, the attackers who use Maze ransomware, will sell exfiltrated data stolen during their attacks on the dark web when their ransom is not paid. Like Evil Corp, Sodinokibi hackers also monetize data stolen from victims. In May, Sodinokibi set up a first ever dark web auction site to sell data stolen from another Canadian company – Agromart Group.
But DarkSide is not without limits. The hackers purport that they will not attack Medicine, education, non-profit organizations, or government organizations. A promise made, but often broken by other hacking groups.
The name of the billion-dollar, publicly traded Toronto company which is the current victim of DarkSide ransomware, is not being released.