Security News > 2021 > May > DarkSide: Newly Found Variant and Implications for the Ransomware Gang's Future
DarkSide the name given to both the gang and the ransomware it operated announced on May 13, 2021 that it would immediately cease operation of the DarkSide Ransomware-as-a-Service program.
Three days later, researchers published an analysis of a newly found DarkSide variant containing a new function.
It was found before the program closure - raising two questions: is the new variant a threat; and what should we make of the DarkSide shutdown?
Matt Lock, the UK technical director at Varonis, explains that sometimes their affiliates would take the ransomware and control the entire attack; sometimes the affiliate would provide the access and DarkSide would effect the attack; sometimes it would be the reverse; and for really 'juicy' targets, DarkSide might do everything itself.
On May 17, 2021, Fortinet's FortiGuard Labs published a report on a newly discovered function in a DarkSide variant that targets disk partitions.
It may be under a different name with amended software, or it may be a different gang using the DarkSide software but the model has proven too effective and too profitable to be permanently abandoned.