The ‘DarkSide’ Operators Respond to the Release of a Decryptor

  • BitDefender’s DarkSide decryptor hasn’t done much damage to the RaaS program, according to the operators.
  • The group has given new incentives to join the platform and saw a 20% rise in membership in just two days.
  • BitDefender could have chosen better timing for the decryptor’s release, as it has now saved only three firms.

Last week, BitDefender released a working decryptor for the DarkSide group’s ransomware, giving victims a way to unlock their files for free. Being a new and “hopeful” RaaS (ransomware as a service), DarkSide had to provide an official response to the situation, or the underground cyber-crime community could lose faith and not use the platform anymore.

Dark web intelligence firm KELA tipped us off about a relevant Q&A that was released by ‘DarkSide’ over the weekend, giving some explanations about the situation - and most importantly, providing some unexpected assurances.

Source: KELA

First of all, the ransomware actors do not believe that the decryptor’s release will affect subsequent payments because all new targets will be victimized using unique keys, and BitDefender’s tool won’t be able to help them. Also, the chances of having an update on the current decryptor that would enable it to unlock subsequent infections are slim. As the announcement explains, the ransomware authors don’t use pseudo-random number generators but the FIPS 140-2 cryptographic standard, which is a U.S. government standard for approving cryptographic modules.

All that said, only existing infections are affected by BitDefender’s decryptor, and DarkSide claims that the number of targets who can benefit from it is just “four.” One of them already paid the ransom, so in reality, it’s just three companies. For these three, the directly affected partners will be fully compensated from DarkSide’s deposit in the next 10 days.

This is a move to help establish a higher level of trust between the operators of the RaaS program and the partners. In this context, the operators declared a plan to increase the deposit amount in the following two months to cover for any potential problems in the future. In addition to all of the above, existing partners will get to keep the full amounts of any paid ransoms for the next three weeks, while new registrants will enjoy a cut of 90% for the first two weeks.

Finally, DarkSide mocks BitDefender for choosing a very bad time to release the decryptor as the New Year holidays are when everyone is taking a break, including ransomware actors. Thus, there were no significant attacks and no opportunities to help high-profile victims. In fact, DarkSide claims that the publicity from the release of the decryptor actually brought many new partners aboard (20% increase) in just 48 hours, further strengthening the platform.
