← Back to Ransomware Chk

Darkside

Inactive
Darkside ransomware group has started its operation in August of 2020 with the model of RaaS (Ransomware-as-a-Service). They have become known for their operations of large ransoms scale. They have announced that they prefer not to attack hospitals, schools, non-profits, and governments, but rather big organizations that can be able to pay large ransoms. Darkside ransomware group became very famous following the cyberattack of the Colonial Pipeline and Toshiba unit. The FBI finally terminate the Darkside operation and Managed to pull money from their wallets back.
10 Victims
Jul 31, 2020 First Discovered
May 12, 2021 Last Discovered
1817 Days Inactive
0% Infostealer
0/1 Sites Online
Top Countries
CA 2
GB 1
US 1
IT 1
BR 1
Top Sectors
Manufacturing 2
Transportation/Logistics 2
Consumer Services 2
Business Services 1
Agriculture and Food Production 1
Energy 1
Construction 1
Known Locations (1)
darksidc3iux462n6yunevoag52ntvwp6wulaz3zirkmh4cnz6hhj7id.onion
Tools Used
CredentialTheft
Mimikatz, SessionGopher
DiscoveryEnum
ADRecon, AdFind, Advanced IP Scanner, SoftPerfect NetScan
Exfiltration
Bashupload, MEGA, RClone, Sendspace, pCloud
LOLBAS
PsExec
Networking
Plink
Offsec
Cobalt Strike, CrackMapExec, Impacket, PowerSploit
RMM-Tools
AnyDesk, GoToAssist, TightVNC
Victims (10)
One Call (insurance)
GB Manufacturing Discovered: May 12, 2021 · Attack est.: May 12, 2021
Colonial Pipeline
US Transportation/Logistics Discovered: May 6, 2021 · Attack est.: May 6, 2021
Toshiba Tec Group
Manufacturing Discovered: Apr 30, 2021 · Attack est.: Apr 30, 2021
Compucom (MSP)
Business Services Discovered: Feb 26, 2021 · Attack est.: Feb 26, 2021
Segafredo Zanetti
IT Agriculture and Food Production Discovered: Jan 31, 2021 · Attack est.: Jan 31, 2021
Companhia Paranaense de Energia (Copel)
BR Energy Discovered: Jan 31, 2021 · Attack est.: Jan 31, 2021
Home Hardware Stores Ltd
CA Consumer Services Discovered: Jan 31, 2021 · Attack est.: Jan 31, 2021
Discount Car and Truck Rentals
CA Transportation/Logistics Discovered: Jan 31, 2021 · Attack est.: Jan 31, 2021
Guess
Consumer Services Discovered: Jan 31, 2021 · Attack est.: Jan 31, 2021
Brookfield Residential (land developer and home builder)
Construction Discovered: Jul 31, 2020 · Attack est.: Jul 31, 2020
Source: Ransomware.live | Data cached and served by Digital Checkmark IT Services | Ransomware Chk