US government unveils $10 million bounty for DarkSide ransomware gang leaders


The $10 million is for intel that leads to the identification or location of anyone who holds a leadership position in the DarkSide group.

Image: Shutterstock/Vchal

Any bounty hunters out there could potentially score a cool $10 million if they help the US government snag one of the leaders of the DarkSide ransomware gang. On Thursday, the US State Department announced the new bounty, offering the money for any information that helps to identify or locate one of the cybercriminals who has a key leadership position in the infamous group.

SEE: Ransomware: What IT pros need to know (free PDF) (TechRepublic)

The Start Department is also touting a reward of up to $5 million for info that leads to the arrest and/or conviction of anyone who tried to participate in a DarkSide variant ransomware attack. This offer widens the net to people who acted as affiliates of DarkSide’s Ransomware-as-a-Service operation or those who worked with any offshoots of the DarkSide ransomware. The individual’s arrest or conviction can occur in any country, thus avoiding the need for extradition to the US.

“In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cybercriminals,” the State Department said. “The United States looks to nations who harbor ransomware criminals that are willing to bring justice for those victim businesses and organizations affected by ransomware.”

Ransomware has grown into a huge global problem with criminal groups stealing sensitive data and extorting victims for large sums of money. Though many gangs operate worldwide, the State Department likely singled out DarkSide due to its attack against Colonial Pipeline this past May. That incident forced the company to temporarily close its pipeline, which is responsible for 45% of the fuel delivered to the East Coast. The attack showed how ransomware can impact critical infrastructure and resources, thereby affecting a large number of people.

However, DarkSide’s boldness in targeting such a critical organization led to undue publicity about the group, thereby shining a light on the new wave of ransomware attacks. That in turn has prompted the US government and others to take a stronger stance against this type of crime, vowing to combat the problem and bring perpetrators to justice through a variety of measures.

“This announcement is extremely noteworthy,” said Sean Nikkel, senior cyberthreat intel analyst at security provider Digital Shadows. “While there was a similar announcement in July 2021 from the State Department for a $10M reward in the fight against nation-state activity, this is the first to target an actor explicitly. For reference, the reward for information leading to the capture of Osama bin Laden was $25M, so it does illustrate how important this information might be, especially since the incentive is enough that it potentially turns friends into foes.”

SEE: Hiring Kit: Cybersecurity Engineer (TechRepublic Premium)

Though offering a bounty to deliver a criminal may sound like a long shot, the US is clearly counting on the old adage of there being no honor among thieves.

“As ransomware operators have adopted an affiliate model for operations, the number of people they must place trust in, even at arm’s length, has increased dramatically,” said BreachQuest co-founder and CTO Jake Williams. “With rewards this large, there’s a substantial incentive for these criminals to turn on one another. Perhaps more importantly than the specific impacts to DarkSide, this action undermines trust across the ransomware as a service affiliate model.”

The reward is part of the State Department’s Transnational Organized Crime Rewards Program (TOCRP). Set up in 2013, the TOCRP is designed to combat worldwide organized crime, including cybercrime. The department said that more than 75 transnational criminals and drug traffickers have been brought to justice, while more than $135 million in rewards have been paid out.

Also see



Source link