Once there was, once there wasn’t. No, this is not the start of a fairy tale but the tale of the infamous BlackMatter ransomware. It was formed when both REvil and DarkSide shut down their shops. BlackMatter has gained a huge amount of notoriety in a short span of time but its time in the underworld has apparently come to an end, or so its operators say. 

Is it shutting down?

The group posted an announcement on its RaaS portal that it is forced to shut down its operations due to increased pressure from law enforcement. This announcement came after a recent international operation, in which law enforcement arrested 12 individuals linked to 1,800 ransomware attacks in 71 countries. BlackMatter also asked its victims to ask for a decryptor in the company chat.

What’s going on now?

  • The existing affiliates are shifting their victims to the LockBit site to continue with their extortion; however, BlackMatter’s infrastructure is still live.
  • Victims are now being offered links to LockBit’s Tor sites for a new negotiation process. The affiliates continue to negotiate with victims for ransom payments.
  • BlackMatter has deleted its presence from Russian-speaking hacking forums and withdrawn 4 Bitcoins from the Exploit hacking forum.
  • The gang is also editing its posts and asking the mods to remove them. 

What does this imply?

At present, the threat posed by BlackMatter seems weak, although the shift to LockBit has made the latter one of the most successful ransomware operations. Experts anticipate that BlackMatter will probably regroup sometime in the near future, but the partnership with LockBit might cost them a few experienced affiliates.

The bottom line

Ransomware gangs are facing intense pressure from law enforcement after several recent attacks caused major uproar across the world. Some instances include the attacks on Colonial Pipeline by DarkSide ransomware and on JBS Foods and Kaseya by REvil ransomware. Furthermore, the Biden administration has offered a reward of $10 million to whoever can provide valid information on DarkSide and a reward of $5 million for information that leads law enforcement agencies to the criminals for arrests. However, with the sunshine may come grey clouds in the form of BlackMatter rebranding itself. Only time will tell.

Cyware Publisher