State Department offers $10 million reward for help identifying DarkSide ringleaders

The State Department on Thursday announced a $10 million bounty for information on the location of leaders of the DarkSide ransomware gang, and $5 million for information that leads to the arrest or conviction of any affiliates of the group.

DarkSide in May hacked fuel provider Colonial Pipeline, forcing the company to shut down its operations, resulting in panic-buying at gas stations in some areas of the U.S. ahead of Memorial Day weekend. The Justice Department retrieved $2.3 million of the nearly $5 million ransom payment Colonial Pipeline made to the Russian-speaking hackers.

“In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cybercriminals,” State Department spokesperson Ned Price said in a statement. “The United States looks to nations who harbor ransomware criminals that are willing to bring justice for those victim businesses and organizations affected by ransomware.”

The State Department did not immediately reply to a request for comment.

DarkSide, which is believed to be located out of Russia, has been largely dormant in recent months.

Multiple research firms believe that BlackMatter, a group behind recent attacks on the agriculture industry, may have links to DarkSide. That could potentially put the group’s affiliate in the crosshairs of the new bounty. However, BlackMatter on Nov. 4 claimed to be shutting down under pressure from law enforcement.

The Treasury Department in July launched a reward program for information on ransomware actors engaged in attacks against U.S. critical infrastructure as part of a larger push by the Biden administration to take on cyber threats. It’s unclear if the program has led to any payouts so far.

The post State Department offers $10 million reward for help identifying DarkSide ringleaders appeared first on CyberScoop.


This site uses cookies to offer you a better browsing experience. By browsing this website, you agree to our use of cookies.