CISA has published a new Malware Analysis Report (MAR) on DarkSide Ransomware and updated Alert AA21-131A: DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks, originally released May 11, 2021. This update adds indicators of compromise associated with a DarkSide ransomware variant that executes a dynamic-link library used to delete Volume Shadow copies available on the system.
CISA encourages users and administrators to review the following resources for more information:
- AA21-131A: DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
- Malware Analysis Report MAR-10337801-1.v1
This product is provided subject to this Notification and this Privacy & Use policy.