Posted on Leave a comment

DarkSide Threat Actors Returns Again With A Brand New Operation ” BlackMatter”

Researcher named “Fabian Wosar” has identified a new evidence of re-branded ransomware group dubbed” BlackMatter” which was earlier in the name of “DarkSide” threat actors famous for their ransomware attacks.

Fabian has confirmed that the decryptor from BlackMatter victim has lot of similarities which is also using same type of encryption methods that the DarkSide ransomware gangs used in the past.

“Instead of using constant strings, a position, nonce, and key, for each encrypted file, DarkSide fills the words with random data. DarkSide used an RSA-1024 implementation unique to their encryptor, which BlackMatter also uses.” Fabian told the third party site(Bleepingcomputer).

It is important to keep an eye on this specific threat actors as their history of attacks targeted attacks on oil and gas industry has failed, they may perform the well organized attacks in the near future.

–-For more Cyber security news in crisp content . Please follow our site via twitter handle @cyberworkx1

Leave a Reply