DarkSide, the group responsible for the cyber attack on Colonial Pipeline, reportedly received over $90 million in Bitcoin from 47 victims before being forced to shut down last week, according to blockchain analytics firm Elliptic.
Nearly 99 organisations were infected with the DarkSide malware, which could mean that nearly 47 per cent of victims paid a ransom to regain control of their data, Elliptic said in a blog post. The average payment per victim could have amounted to $1.9m, the company estimated.
“We can follow the ransom payments and see where the Bitcoins are being spent or exchanged. What we find is that the majority of the funds are being sent to crypto-asset exchanges, where they can be swapped for other crypto-assets or fiat currency,” said Tom Robinson, co-founder and chief scientist of Elliptic.
The majority of the crypto-asset exchanges comply with the anti-money laundering regulations and verify their customers’ identity, often flagging any suspicious activity. These exchanges also use blockchain analytics tools to check customer deposits for links to illicit activity such as ransomware.
“However, some jurisdictions do not enforce these regulations”, and DarkSide’s ransomware proceeds were sent to those exchanges, Mr Robinson said.
DarkSide, which made its first appearance in August, said it was shutting down due to “pressure” from the US government and after losing control of its operations and money.
It also ran an affiliate programme to help other hacker groups in their infiltration attempts. Ransoms paid by victims are shared between DarkSide and its affiliates.
“The developer [DarkSide] reportedly takes 25 per cent for ransoms less than $500,000, but this decreases to 10 per cent for ransoms greater than $5m,” Mr Robinson said.
“This split of the ransom payment is very clear to see on the blockchain, with the different shares going to separate Bitcoin wallets controlled by the affiliate and developer. In total, the DarkSide developer has received Bitcoins worth $15.5m [17 per cent], with the remaining $74.7m [83 per cent] going to the various affiliates.”
DarkSide follows the ransomware-as-a-service model, meaning it sells or leases ransomware to others to carry out attacks.
The group also has a help desk to arrange negotiations with victims and to collect information about their targets.
Colonial paid about $5m to hackers on Friday to regain control of its systems, according to Bloomberg. In earlier reports, the company had said it did not plan to pay any ransom.
What can victims do?
Always use only regulated platforms
Stop all transactions and communication on suspicion
Save all evidence (screenshots, chat logs, transaction IDs)
Report to local authorities
Warn others to prevent further harm
Courtesy: Crystal Intelligence