A new hacking group has revealed itself and shows that hackers are stepping up their game in getting companies information. A group calling themselves, Darkside, has styled themselves as sort of Robin Hood figures, hacking large companies that are able to pay the ransoms demanded.
What separates this group from most hacking groups is the so-called professionalism that this group portrays itself as. They have a, phone number and even a help desk to facilitate their negotiations, looking every part a white hat hacker. Furthermore, they claim to be targeting those who can pay the ransoms, large companies worth millions of dollars. [1]
Then it is sent to charities via The Giving Block, a charity that donates to various charities via untraceable cyber currency such as bitcoins. Two have been revealed, Children’s International, a charity that focuses on families in several countries around the world including the US and India and The Water Project, a group dedicated to getting clean water to Sub Saharan Africa. Both groups were sent $10,000 in bit coins and other cyber currency. While The Water Project has not said anything, Children’s International has attempted to return the funds, saying to the BBC: "If the donation is linked to a hacker, we have no intention of keeping it".
These attacks show a new method and motivation for hackers. According to Brett Callow, Threat Analyst at cyber-security company Emsisoft, "What the criminals hope to achieve by making these donations is not at all clear. Perhaps it helps assuage their guilt? Or perhaps for egotistical reasons they want to be perceived as Robin Hood-like characters rather than conscienceless extortionists. Whatever their motivations, it's certainly a very unusual step and is, as far as I know, the first time a ransomware group has donated a portion of their profits to charity." [2]
Hackers evolve and change their methods and now we have scrupulous actors acting as some sort of white knights. Though they seem benign, the reality is they are still malicious actors looking to steal money for supposedly a good cause and these charities have no way to return said currency. Review your cyber protocols and be careful opening emails from unknown actors.
[1] https://www.wired.com/story/ransomware-gone-corporate-darkside-where-will-it-end/
