Hackers from the Darkside ransomware group, which claims to have extorted millions of dollars from various companies, vowed to “make the world a better place” and donated some of the extorted BTC to charities.

In a post on the dark web, according to the BBC, the ransomware group posted receipts of 0.88 BTC ($10,000) donations in bitcoin to two charities: The Water Project and Children International. The hackers have reportedly also claimed they only target large, profitable companies and added:  

We think that it’s fair that some of the money the companies have paid will go to charity. No matter how bad you think our work is, we are pleased to know that we helped changed someone’s life. Today we sended (sic) the first donations.

Children International is an organization that supports children, families, and communities in various countries, including India, Colombia, Zambia, Guatemala, Honduras, and the United States. A spokesperson for the organization revealed it has “no intention of keeping” the donation if the funds were stolen.

The Water Project is an organization working to improve access to clean water in sub-Saharan Africa. Speaking to the news outlet Brett Callow, a threat analyst at cybersecurity firm Emsisoft, said:

What the criminals hope to achieve by making these donations is not at all clear. Perhaps it helps assuage their guilt? Or perhaps for egotistical reasons they want to be perceived as Robin Hood-like characters rather than conscienceless extortionists.

Callow added that this was the first time a ransomware group donated a portion of their profits to charity, as far as he was aware. The group donated the funds using The Giving Block, a platform allowing crypto users to donate to various charities.

Speaking to the BBC, the organization pointed out it’s still working out whether the donated funds were stolen, and added that if “it turns out these donations were made using stolen funds, we will of course begin the work of returning them to the rightful owner.

The Giving Block added that the fact the ransomware group used cryptoassets will “make it easier, not harder, to catch them.”

Featured image via Pixabay.