The US Department of State is set on taking down the DarkSide ransomware members, so it announced offering a reward of up to $10,000,000 for anyone providing information that would lead to identifying or locating one or more key leaders of the transnational organized crime group. This was seconded by a reward of up to $5,000,000 for information resulting in the arrest and/or conviction in any country of any person participating or attempting to do so in DarkSide incidents.
Through this announcement, the US shows commitment towards offering ransomware victims around the world protection from exploitation by cybercriminals and asks countries that harbor ransomware criminals to deliver justice for victims affected by these attacks. This remuneration comes under the Department of State’s Transnational Organized Crime Rewards Program (TOCRP). This government agency has already apprehended and helped prosecute 75 transnational criminals and major narcotics traffickers since 1986.
The US DOS said the reason for this action stemmed from the Colonial Pipeline ransomware attack that had colossal effects on the East Coast fuel supply. However, the U.S. DoJ managed to retrieve $2.3 million of the Colonial Pipeline ransom payment to DarkSide in June 2021.
The DarkSide ransomware is believed to have rebranded as the BlackMatter group, which emerged in late July 2021. Even though the new actors promoted themselves as taking the best parts of other malware, such as GandCrab, LockBit, REvil, and DarkSide, they seemed highly similar to the latter.
The FIN7 cybercrime group, considered the creator of Darkside and BlackMatter, was recently linked to a cybersecurity firm by an important report, which led to BlackMatter announcing shutting down to due pressure from the authorities. One FIN7 member was already arrested this summer and received a sentence of seven years in prison.