Darkside ransomware | Free decrypter released for victims of Darkside ransomware

A new tool released on 12th January 2020 by security firm Bitdefender allows victims of the Darkside ransomware to recover their files without paying the ransom demand - and it's free!


Darkside is a new ransomware attack that started at the beginning of August 2020. It is supposedly run by former affiliates of other ransomware campaigns who extorted money through them and then decided to come up with their own code. According to the known incidents, the ransom demanded ranges from $200,000 to $2,000,000 (US).

Like other ransomware used in targeted attacks, Darkside not only encrypts the user’s data but also exfiltrates data from the compromised servers.

Active since the summer of 2020, the Darkside group launched, and still operates today, through ads posted on cybercrime forums.

The group uses a well-established Ransomware-as-a-Service (RaaS) model to partner with other cybercrime groups.

These groups would apply for the Darkside RaaS and receive a fully functional version of the Darkside ransomware. They would then breach companies using their own chosen methods, install the ransomware, and ask for huge payouts, usually in the realm of hundreds of thousands or millions of US dollars.

This modus operandi isn’t new, and it’s called “big-game hunting” because ransomware gangs tend to go after companies instead of home users, in the hope of increasing their profits.

In situations where victims don’t want to pay, Darkside operators leak documents they stole from the victim’s network on a dedicated “leak site,” as a form of punishment and as a forewarning to other victims who may want to restore from backups instead of paying the crooks.

Will the decrypter lead to a Darkside ransomware shutdown?

First and foremost, the tool helps companies recover important files that were encrypted months before and which they weren’t able to restore but still have around, saved on backup drives.

Second, the tool also imposes operational costs on the Darkside gang, which will now have to redo all its file encryption code to prevent free decryptions.

Third, the tool also deals a major reputational blow to the Darkside RaaS. Many ransomware operations have shut down in the past after the release of a free decrypter, as most of their customers abandoned them for newer and non-decryptable competitors.

As for the victims themselves, the good news is that the free decrypter released by Bitdefender should, in theory, work for all recent versions of the Darkside ransomware, regardless of the file extension that crooks added at the end of each encrypted file.
