DarkSide is a ransomware-as-a-service (RaaS) outfit that provides ransomware to affiliates within its network in return for a cut of any profits made by extorting victim organizations.
DarkSide affiliates employ a double-extortion tactic, in which companies first receive a demand for payment in return for a decryption key to unlock systems infected with DarkSide ransomware. If they refuse, they are then threatened with the public release of confidential data and records stolen during initial access on a leak site.

Threat Actors Known to use this Malware

No threat actors identified