Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

DarkSide Ransomware Made $90 Million In Just Nine Months

DarkSide Ransomware Made $90 Million In Just Nine Months

The DarkSide ransomware gang has collected at least $90 million in ransoms paid by its victims over the past nine months to multiple Bitcoin wallets.

Around 10% of the profit came in one week from attacking just two companies: Colonial Pipeline, the largest oil pipeline system in the United States, and Brenntag, a large chemical distribution company in Germany.

Huge ransom payments

Blockchain analysis company Elliptic found and analyzed ransom payments made to DarkSide from 47 distinct Bitcoin wallets. The transactions totaled just over $90 million since October 2020.

DarkSide ransom payments since October 2020
source: Elliptic

Assuming these are all the payments that DarkSide received from its victims, the group’s average ransom would be $1.9 million, making the threat actor one of the greediest in the ransomware business.

Also Read: What You Should Know About The Data Protection Obligation Singapore

In a report yesterday, Dark web intelligence service DarkTracer counts 99 DarkSide victims. The number may be slightly higher, though.

blog post from Managed Detection and Response (MDR) service provider eSentire on May 12, a day before DarkSide operations closed, counted 59 victims listed on the gang’s leak site, which would add to the 47 associated with the Bitcoin wallets that Elliptic analyzed.

Although DarkSide launched in August 2020, the gang became a prolific actor on the ransomware scene and saw a significant surge in profits lately.

Elliptic notes in a report last week that the operation made $17.5 million, which is around 20% of its known total profits, only in the past three months.

Attacks on Colonial Pipeline and Brenntag chemical distribution company brought the cybercriminals about $10 million, as the former paid nearly $5 million and the latter paid a $4.4 million ransom.

Splitting the profit

Being a ransomware-as-a-service (RaaS) operation, the DarkSide profits were split between the developers of the malware and the affiliates that breached victim networks, stole data, and deployed the file-encrypting malware.

Affiliates, or partners, typically get the lion’s share of the money because they do most of the work. In the case of DarkSide, they got between 75% and 90% of the profit, depending on the size of the ransom.

For ransoms smaller than $500,000, the DarkSide developers would take 25%; the share decreased to 10% for larger payments of more than $5 million.

Elliptic co-founder and chief scientist Dr. Tom Robinson says that the “split of the ransom payment is very clear to see on the blockchain” and that the malware developer received $15.5 million worth of bitcoins from the total profits.

DarkSide ransom payments split
source: Elliptic

Following the transactions from wallets belonging to DarkSide affiliates, Robinson found that 18% of the proceeds were sent to some exchange services and 4% went to a large dark market that provides, among others, cash-out services.

Also Read: The Difference Between GDPR And PDPA Under 10 Key Issues

With $90 million from ransoms over a period of nine months, DarkSide sits among the most profitable ransomware groups:



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us