The DarkSide Gang, one of the most prominent ransomware groups, has extorted over $90 million in Bitcoin (BTC). Following this, they had allegedly discontinued its illegal operations, as new research states.
Analysts at Elliptic, a London-based blockchain analytics firm, had mentioned in a report published on Tuesday that they had unearthed a now-empty cryptocurrency wallet. The wallet bore the proceeds of the ransomware attacks that were engineered by the DarkSide gang.
“In total, just over $90m in Bitcoin ransom payments were made to DarkSide, originating from 47 distinct wallets,” wrote Elliptic’s co-founder and chief scientist, Dr Tom Robinson.
“According to DarkTracer, 99 organizations have been infected with the DarkSide malware – suggesting that approximately 47% of victims paid a ransom, and that the average payment was $1.9m.”
The DarkSide gang has made it to the news several times for the type and the number of cyberattacks. However, they gained popularity earlier this month after they crippled the Colonial Pipeline of America with ransomware. This exploit had triggered havoc buying alongside fuel shortages on the East Coast. With this, the gang had netted $5 million.
The Elliptic researchers had reported that the virtual wallet of the DarkSide Gang had received a ransom transaction of 75 Bitcoin (BTC) from the Colonial Pipeline.
On the 13th of May this year, the gang finally shut down its business and website. The researchers at Intel 471, a cybercrime intelligence provider, have reported that the team stated to its hacking partners that the sales of the software and the released services had been called off. The hacking partners had been using the RaaS or Ransomware-as-a-Service tools for launching the cyber attacks. Before the ransomware gang closed its services and websites, DarkSide seemed to achieve its maximum netted month in the last three quarters.
The Elliptic researchers had discovered that since October 2020, the DarkSide gang had collected its biggest Bitcoin earning of over $20 million in February this year. At the same time, the gang had netted around $15 million in May before it completely shut down.
The researchers had noted that the extorted money was divided between the developers (ransomware developers) and the affiliates (ransomware deployers).
“In the case of DarkSide, the developer reportedly takes 25% for ransoms less than $500,000, but this decreases to 10% for ransoms greater than $5m,” they wrote.
“This split of the ransom payment is very clear to see on the blockchain, with the different shares going to separate Bitcoin wallets controlled by the affiliate and developer.”
Elliptic had stated that the DarkSide developer had received Bitcoin worth $15.5 million in total.
Source: Infosecurity
Disclaimer: Read the complete disclaimer here.
.){kind=link}