'Robin Hood' hackers donate stolen Bitcoin to charity

Hacker in green extorting Bitcoin

A hacking group going by the name of Darkside has attempted to donate around $20,000 in stolen Bitcoin to charity.

One of these charities, Children Internation, said it will be refusing the $10,000 donation because it has allegedly come from a ransomware attack, according to the BBC.

The charity, which supports children, families and communities across Asia, Africa, South America and the US, told the BBC: "If the donation is linked to a hacker, we have no intention of keeping it".

The Darkside hacking group clams to have extorted millions of dollars from ransomware attacks. The organisation has said it intends to distribute their ill-gotten gains to those in need as they want to "make the world a better place". This group has posted receipts of two $10,000 Bitcoin donations it has claimed to have made to Children International and The Water project.

The so-called Robbin Hood-style operation seems to be part of a growing trend of ransomware gangs trying to "whitewash their image", according to Kelvin Murray, a senior threat researcher at Carbonite and Webroot.

"We have seen this with the Maze gang, amongst others, where throughout the COVID-19 pandemic they have continuously reminded us that they have not been targeting hospitals out of moral concern," Murray told IT Pro.

"This also coincides with their relatively new tactic of stealing data from their victims and threatening to publicly post it on websites. These large gangs also do a lot of public posting on the dark web as they court customers and form business alliances.

"I would imagine that PR is more of a concern for them now because they are relying more on publicity and good faith from their stakeholders and victims in order to make their extortion tactics successful."

Darkside is a relatively new organisation, but there is evidence in the cryptocurrency market to suggest it is a big player in ransomware. The group is also thought to be linked to gangs responsible for some of this year's biggest attacks, such as the Travelex fiasco.

Bobby Hellard

Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.

Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.