CISA Publishes Malware Analysis Report and Updates Alert on DarkSide Ransomware

CISA has published a new Malware Analysis Report (MAR) on DarkSide Ransomware and updated Alert AA21-131A: DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks, originally released May 11, 2021. This update adds indicators of compromise associated with a DarkSide ransomware variant that executes a dynamic-link library used to delete Volume Shadow copies available on the system.

CISA encourages users and administrators to review the following resources for more information:

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we'd welcome your feedback.