U.S. State Dept. offers $10 million reward for information on DarkSide cybercriminals


The U.S. Department of State is offering a reward of up to $10 million for information leading to the identification or location of the leaders of DarkSide transnational organized crime group.

The Federal Bureau of Investigation (FBI) identified DarkSide as the hacker group responsible for the ransomware attack on the Colonial Pipeline in May 2021. The ransomware attack caused a temporary shutdown of the 5,500-mile pipeline that carries 45% of fuel supplies on the East Coast. The shutdown resulted in fuel shortages, an increase in gas prices, and panic buying.

Additionally, the State Department is offering a reward of up to $5 million for information leading to the arrests and or conviction of any individual conspiring to participate in or attempting to join in a DarkSide ransomware attack.

Signup for the USA Herald exclusive Newsletter

“In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cybercriminals,” according to the State Department.

During a Senate committee hearing in June, Colonial Pipeline CEO Joseph Blount Jr. told lawmakers that the company paid approximately $5 million ransom to the DarkSide cybercriminals. He also revealed that the hacker group breached the company’s system using a single “compromised” password.

A day before testifying to the Senate committee, the Department of Justice (DOJ) announced the recovery of $2.3 million in bitcoin from the attackers of Colonial Pipeline.

In July, the State Department offered a reward of up to $10 million for information leading to the identification or location of any person, who while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure.

The State Department stated that Certain malicious cyber operations targeting U.S. critical infrastructure likely violate the Computer Fraud and Abuse Act (CFAA).

Violations of CFAA include extortion threats as part of ransomware attacks; intentional unauthorized access to a computer or exceeding authorized access and thereby obtaining information from any protected computer; and knowingly causing the transmission of a program, information, code, or command that damages a protected computer.

Have a story you want USA Herald to cover? Submit a tip here and if we think it’s newsworthy, we’ll follow up on it.

Want to contribute a story? We also accept article submissions – check out our writer’s guidelines here.