DarkSide Threat Actors Returns Again With A Brand New Operation ” BlackMatter”

Researcher named “Fabian Wosar” has identified a new evidence of re-branded ransomware group dubbed” BlackMatter” which was earlier in the name of “DarkSide” threat actors famous for their ransomware attacks.

Fabian has confirmed that the decryptor from BlackMatter victim has lot of similarities which is also using same type of encryption methods that the DarkSide ransomware gangs used in the past.


“Instead of using constant strings, a position, nonce, and key, for each encrypted file, DarkSide fills the words with random data. DarkSide used an RSA-1024 implementation unique to their encryptor, which BlackMatter also uses.” Fabian told the third party site(Bleepingcomputer).

It is important to keep an eye on this specific threat actors as their history of attacks targeted attacks on oil and gas industry has failed, they may perform the well organized attacks in the near future.

–-For more Cyber security news in crisp content . Please follow our site via twitter handle @cyberworkx1

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s