American Authorities Offer $10 Million for Actionable Info on DarkSide

The United States federal government has increased the reward for providing actionable information on the infamous DarkSide ransomware gang.

The U.S. Department of State released a formal press release, announcing a $10 million reward for anyone who provides information "leading to the identification or location" of individuals in key positions within the DarkSide gang. Separately from the $10 million for information leading to the arrest of high-ranking DarkSide members, the Department is also offering $5 million for actionable information that leads to the "arrest and/or conviction in any country of any individual conspiring to participate in or attempting to participate in a DarkSide variant ransomware incident".

This definition is quite broad and encompasses not just the core DarkSide top brass but seems to imply virtually every third party of DarkSide affiliate entity that is planning to execute an attack using the DarkSide ransomware.

It is worth noting that DarkSide seemed to pull the shutters in the summer of 2021, or at least wanted to give the appearance that it is closing down. Briefly after the supposed shutdown of DarkSide, a new entity showed up in the ransomware landscape. The new outfit was named BlackMatter and was believed to be a successor of DarkSide, with the two groups sharing core members.

Just a few days ago, BlackMatter also announced it was closing down. The announcement was made on the group's dark web page and hinted at the very likely arrest of a core member, who was no longer available.

DarkSide was the ransomware group behind the major attack on Colonial Pipeline in the spring of 2021 that caused major liquid fuel supply issues for a large portion of the US East Coast. The attack was followed by top-level talks between Washington and Moscow that were in turn closely followed by the shutdown of the server infrastructure of another big name in ransomware - the REvil gang.

A recent Russia-language post on the Groove gang website urged various ransomware groups to unite and attack "US interest" together. Whether anyone will answer this rallying call or pressure from authorities has increased to a point where hackers turn tail remains to be seen.