DarkSide hackers came into the spotlight last year, and they have become renowned for milking money out of organizations through ransomware attacks.
The group is made of hackers who previously worked with other organizations before deciding to branch out independently. One of the recent DarkSide hacking attacks was on Colonial Pipeline, where the hackers made away with 100GB of data and encrypted information and demanded a ransom.
Following the attack, DarkSide has become a common name in the USA, and they have become renowned cybercriminals.
DarkSide hackers have come out as more of an organized institution rather than the common hacking group
According to Mark Arena, the CEO of Intel 471, “These guys provide the marketing, the people who handle customer success, as well as the actual ransomware.” “Fortune 500 CEOs would be impressed with the efficiency of the business model,” Arena added.
Because of their organization, the group has successfully hacked top firms, including banks and legal institutions. Based on their hacking methods, it is clear that the firm mainly targets organizations in Brazil, Europe, and South Africa. It has also been reported that affiliates in the group are requested not to attack firms within Russia and the former Soviet Union, which shows their home base.
Evidence has been tabled showing that DarkSide did not intend for the hack on Colonial Pipeline to have the great impact that it did. In a statement issued by the hacking group on Monday, they stated that they did not have any political interests and had no control over the organizations attacked by their affiliates.
According to the head of cyber at BAE systems, this statement could be true because “The traditional affiliate model is like a distributor in business,” he said. “You build the tools but then scale up by getting a whole lot of people to use your tools and services.”
According to a recent study of the group, it is also clear that they have rules against attacking hospitals and non-profit organizations. An analysis conducted by ESentire also shows that the group has donated funds to various charity organizations that support vulnerable children and another organization that distributes clean drinking water in Africa.
There was a time when the hacking group stated that they would offer stock traders insider information of victim companies. This was seen as a Robin Hood move aimed at redistributing corporate wealth to others who needed it more.
Because of the devastating effect that the Colonia attack had on the fuel supply of the US East Coast, the hacking group stated that they would keep a keen eye on the organizations that their affiliates targeted.
According to the firm’s statement on its dark web page, “Our goal is to make money and not creating problems for society. From today, we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”
However, BAE has stated that the code of conduct that DarkSide displays on the public is just a marketing strategy. According to BAE, the group picks its targets for ideological purposes. Like many other hacking groups , attacking large oil and manufacturing companies is ideal because such companies have cyber insurance and quickly pay the ransom.
“You hear this talk of the geopolitical stuff, but this is really about money,” BAE stated. “These are criminals, and they act rationally; they do what they need to make money.”