DarkSide was discovered by MalwareHunterTeam. Malware of this type is usually designed to make files inaccessible to victims by encrypting them, modifying their file names, and generating a ransom note. DarkSide renames the encrypted files by appending the victim’s ID as an extension. For example, it changes the name “1.jpg” to “1.jpg.d0ac7d95”. It also leaves the ransom note “README.[Victim_ID].TXT” in each folder containing encrypted data.
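The naming scheme described above lends itself to a simple triage check over a file listing. The following is an added example, not code from the original post: it flags folders where a README.<id>.TXT note sits beside files carrying the same <id> as an appended extension. The 8-hex-character ID format is an assumption drawn from the page's single example ("d0ac7d95"); the function name and sample paths are constructed.

```python
import re
from collections import defaultdict
from pathlib import PurePosixPath

# Assumption: the victim ID is 8 hex characters, as in the page's example "d0ac7d95".
ID_RE = r"[0-9a-f]{8}"
# Ransom note name as given on the page: README.[Victim_ID].TXT
NOTE_RE = re.compile(rf"^README\.({ID_RE})\.TXT$", re.IGNORECASE)
# Renamed file: original name and extension, then the victim ID appended.
RENAMED_RE = re.compile(rf"^.+\.[^.]+\.({ID_RE})$", re.IGNORECASE)


def find_darkside_folders(paths):
    """Return {folder: {...}} for folders where a ransom note and files with
    the same victim-ID extension co-occur. Requiring both cuts false positives
    from legitimate files that happen to end in eight hex characters."""
    notes = {}                    # (folder, victim_id) -> note path
    renamed = defaultdict(list)   # (folder, victim_id) -> renamed file paths
    for p in map(PurePosixPath, paths):
        folder = str(p.parent)
        m = NOTE_RE.match(p.name)
        if m:
            notes[(folder, m.group(1).lower())] = str(p)
            continue
        m = RENAMED_RE.match(p.name)
        if m:
            renamed[(folder, m.group(1).lower())].append(str(p))
    hits = {}
    for (folder, vid), note in notes.items():
        files = renamed.get((folder, vid))
        if files:
            hits[folder] = {"victim_id": vid, "note": note, "files": sorted(files)}
    return hits


# Constructed sample listing (not taken from a real incident).
SAMPLE = [
    "/srv/share/finance/1.jpg.d0ac7d95",
    "/srv/share/finance/report.xlsx.d0ac7d95",
    "/srv/share/finance/README.d0ac7d95.TXT",
    "/srv/share/build/app.tar.deadbeef",   # hex-like suffix but no note: ignored
    "/srv/share/docs/README.TXT",          # ordinary readme: ignored
    "/srv/share/docs/notes.txt",
]

if __name__ == "__main__":
    for folder, info in find_darkside_folders(SAMPLE).items():
        print(folder, info["victim_id"], len(info["files"]), "renamed files")
```
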

As stated in the ransom note, the DarkSide ransomware encrypts data with strong encryption algorithms, so victims cannot decrypt it without the software that can be purchased from the cybercriminals behind this malware. Victims are warned that if they refuse to pay the ransom, all their data will be published on a certain website and stored there for at least 6 months.

It is likely that the cybercriminals behind DarkSide mainly target large companies or organizations, because their decryption software costs 194,105 BTC. Victims are also urged to purchase the software within 3 days; otherwise its price will double and cost 388,209 Bitcoins.

The biggest problem with being a victim of a ransomware attack is that the cybercriminals behind the ransomware are the only ones who have the tools that can decrypt the victim’s files. Unfortunately, so far there are no other tools that can decrypt files encrypted by DarkSide.

Unfortunately, and as we always say, paying the ransom is not a solution: it only strengthens the economy of these people and does not guarantee the return of your encrypted data, so you must be prepared for this.
