U.S. Offering $10 million to Track Down Darkside Leadership

On November 4th, the U.S. government announced a reward of up to $10 million for any information that could lead to the identification or location of anyone with a leadership position within the Darkside ransomware group, which the FBI believes to be based in Russia.

The authorities are also offering an additional $5 million for the identification of people from any country who are trying to participate in any way in a Darkside-organized ransomware attack.

The FBI said that Darkside was responsible for the May attacks on the Colonial Pipeline, which led to spikes in gas prices and fuel shortages in the American Southeast.

“In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cyber criminals,” announced the State Department in a press statement.

The State Department’s Transnational Organized Crime Rewards Program will be providing the cash reward. The program has dished out more than $135 million in rewards since it was founded in 2013 and has put over 75 international criminals to justice.

Colonial Pipeline had to pay $5 million worth of Bitcoin In ransom to regain access to its systems, $2.3 million of which were recovered by the U.S. Justice Department in June.

The CEO of the company authorized the payment of the ransom just a few hours after the incident due to the uncertainty regarding how quickly they could get the pipeline back online.

This attack showed how powerful cyber criminals have become in recent years, and the response must be strong to prevent similar attacks on critical national infrastructure in the future.


If your company has been a victim of a recent ransomware attack, LIFARS is here to help. LIFARS is offering new and innovative service for the victims of ransomware attacks. Find out if your infrastructure is still controlled by adversaries after you contained the imminent ransomware threat.


The Colonial Pipeline was only one incident in a series of ransomware attacks targeting U.S. companies of all sizes, forcing the Biden administration to re-evaluate its commitment to building an appropriate cybersecurity infrastructure and optimizing government response for future attacks.