BlackBerry Prevents DarkSide Ransomware — Years Before It Ever Existed

BlackBerry Prevents DarkSide Ransomware

What is DarkSide?

DarkSide is a newer ransomware-as-a-service (RaaS) product that offers its malware for download on the dark web. Like many other RaaS vendors, DarkSide lets its customers download the malware and attack victims to extort money and exfiltrate files, then share the proceeds with the malware creators.

RaaS and other malware-as-a-service (MaaS) vendors allow anyone to become a threat actor by offering the malware for download after sign-up. This makes these services extremely dangerous for organizations around the world, as traditional security companies are required to build defenses against hundreds if not thousands of different actors who attack with variants of the original malware.

Some RaaS services set a very low barrier to entry, offering their malware for free in exchange for a share of the paid ransoms. Other RaaS vendors require some upfront payment to download the malware, but usually do not share in any profit from ransoms paid.

The FBI has been actively tracking DarkSide since it was first discovered in October 2020. The attack often occurs in two phases: after gaining access to the network, threat actors first exfiltrate as much data as they can, and then encrypt the drives.

As with any good business model, exfiltrating the victim’s data gives the attackers multiple paths to revenue. They can threaten to release a victim’s sensitive data publicly while still controlling the victim’s computers, keeping them from being productive.

Does BlackBerry Prevent DarkSide Ransomware?

Yes. The BlackBerry Threat Research team has tested all known variants and confirmed they were successfully prevented by the current version of BlackBerry® Protect. We prevented the execution of the files using our AI engine without any updates or Internet connectivity. In fact, many of the known variants were prevented with a version of BlackBerry Protect from 2015!

Figure 1: BlackBerry Protect blocking DarkSide samples with our 2015 version, offline.

BlackBerry’s philosophy is different from much of the industry.

We do not believe that our customers should have to suffer the effects of cyberattacks. We do not believe that there need to be victims.

Endpoint detection and response (EDR) focused solutions take action too late and do not prevent breaches. Prevention is our strategy.

Prevention IS possible; ask Century Solutions Group to show you how.

BLACKBERRY PROTECT / 05.11.21 / The BlackBerry Research and Intelligence Team
