Due to pressure from authorities and recent law enforcement operations, the BlackMatter ransomware is apparently shutting down its operations.Members can connect with the core operators, open support issues and get fresh ransomware builds using BlackMatter’s private ransomware-as-a-service (RaaS) website.
A screenshot of a statement reportedly posted by the BlackMatter operators on the RaaS website on November 1st was supplied to security research firm VX-Underground today.
The project has been closed due to some difficult situations related with government pressure. The entire infrastructure will be shut off after 48 hours, allowing:
Send out e-mails to companies in order to keep in touch.
Obtain the code, and write “provide a decryptor” in the company conversation.
We wish you all the best and thank you for the opportunity to work with you.”
The BlackMatter gang which claims to be the replacement to the Darkside and REvil gangs began activities at the end of July. BlackMatter like other ransomware operations, set up a leak site where it releases data stolen from victims before encrypting their systems.s
Researchers at Recorded Future were the first to notice the introduction of the BlackMatter RaaS, and they also observed that the gang is establishing a network of affiliates through advertising posted on two cybercrime sites such as Exploit and XSS.
Its aim is to infect huge organisations with revenues of $100 million or more, the gang is recruiting criminals with access to their networks.
Last week, Europol, the Norwegian Police and other agencies collaborated to arrest 12 people in connection with ransomware attacks on companies around the world, including critical infrastructure operators.
The suspects were linked to over 1,800 ransomware attacks against victims in 71 countries, with the threat actors mostly targeting large organisations.
It is only a matter of time until the operators of BlackMatter relaunch under a different name.
–-For more Cyber security news in crisp content . Please follow our site via twitter handle @cyberworkx1, Linkedin handle @linkedin