DarkSide is a ransomware-as-a-service (RaaS) outfit that provides ransomware to affiliates within its network in return for a cut of any profits made by extorting victim organizations.
DarkSide affiliates employ a double-extortion tactic: companies first receive a demand for payment in return for a decryption key to unlock systems infected with DarkSide ransomware. If they refuse, they are then threatened with the public release, on a leak site, of confidential data and records stolen during initial access.


Incidents Caused by this Malware

  • May 13, 2021: Toshiba Hit In DarkSide Ransomware Attack
  • May 7, 2021: Colonial Pipeline Ops Shut Down after Ransomware Attack

Threat Actors Known to use this Malware

No threat actors identified

