Darkside ransomware operators donate money to charity

ZDNet reports that the hackers behind the Darkside ransomware have donated money to charity. Recently $ 10,000 in ransoms went to Children International and The Water Project.

Last week, each organization received 0.88 bitcoin from hackers.

The Darkside group has been active since August 2020 and is a classic “big game hunter”, that is, it predominantly attacks large corporate networks, encrypts data, and then demands huge ransoms from the affected companies.

If victims refuse to pay, Darkside members publish the data stolen from victims on their darknet site.

This “press release”, as the hackers call it, followed another statement released in August this year. The group then pledged not to encrypt files belonging to hospitals, schools, universities, non-profit organizations and the public sector. Whether the criminals kept their promise is unknown.

It is worth saying that at the beginning of the COVID-19 pandemic, other ransomware hack groups also promised not to attack the health sector, and many ultimately kept their word.

Interestingly, Darkside is far from the first hack group to donate money to charities and nonprofits. For example, in 2016, the Phineas Fisher group claimed to have hacked into a bank and donated money to the autonomous Kurdish entity of Rojava.

In 2018, the GandCrab ransomware operators released free decryption keys for victims in Syria and added an exception to their code that prevented malware from encrypting the files of people in Syria. Ironically, this exception for the Syrian victims ultimately helped cybersecurity specialists connect the group with the REvil malware, when the GandCrab operators announced the termination of their activities and began working on the REvil (Sodinokibi) malware – cybersecurity experts believe that both ransomware was created by one group of developers.