A crime forum is holding a quasi-judicial proceeding against the makers of DarkSide, the ransomware that shut down Colonial Pipeline two weeks ago, to hear claims from former affiliates who say the makers skipped town without paying. Or, at least that’s what members of crime forum XSS.is want us all to believe.
A Russian-speaking person using the handle “darksupp” took to XSS.is in November to recruit affiliates for DarkSide, researchers at security firm FireEye said recently. At the time, DarkSide was the new ransomware-as-a-service on the block, and it was in search of business partners.
Since then, DarkSide has cashed in spectacularly. According to newly released figures from cryptocurrency tracking firm Chainalysis, DarkSide netted at least $60 million in its first seven months, with $46 million of it coming in the first three months of this year.