The hacking business is surprisingly lucrative, especially when you know who to target. Now, I’m not supporting hacking in any way; it is illegal and immoral at the same time. But $90 million in ransoms in just 9 months isn’t a small sum, to say the least. The hacker group called DarkSide, which you might remember from earlier this month when it hacked into Colonial Pipeline and forced the company to shut down approximately 5,500 miles of pipeline in the US, has collected a large sum over nine months from all its victims.
The pipeline hack not only crippled the gas delivery systems in the Southeastern states but also raised concerns over the security and cyberinfrastructure of the country. The FBI identified the attackers as DarkSide, and it was later reported that Colonial had to pay a $5 million ransom to the group. Hacking a critical system like a pipeline is no small crime, mind you.
DarkSide doesn’t always carry out attacks itself, though; it develops and sells its ransomware to other criminal groups, who then carry out the attacks. For those who don’t know, ransomware is a type of malicious code designed to block access to the computer it infects. The hackers can then demand payment from the victims in exchange for restoring access to their machines.
Elliptic, a blockchain analytics firm in London, was able to identify the bitcoin wallet used by DarkSide to collect ransom payments. The discovery was made last Friday, and on the same day security researchers at Intel 471 reported that DarkSide had closed down after losing access to its servers and having its cryptocurrency wallets emptied. The wallet contained around $5.3 million worth of bitcoin before it was drained. There has been speculation that the US government had seized the sum.
Elliptic shared their analysis in a blog post, saying that DarkSide and its affiliates had gathered around $90 million in bitcoin payments from over 47 victims in the past nine months. This means that each victim paid $1.9 million on average. According to Tom Robinson, Elliptic’s co-founder and chief scientist, “To our knowledge, this analysis includes all payments made to DarkSide, however further transactions may yet be uncovered, and the figures here should be considered a lower bound”.
DarkSide took around $15.5 million in developer fees, while the rest was taken by its affiliates. Companies really need to strengthen their cybersecurity solutions, because now even government facilities aren’t safe. The case of DarkSide will only serve as motivation for other ransomware groups to surface as well.