Catalin Cimpanu reports:
The criminal group behind the BlackMatter ransomware have announced plans today to shut down their operation, citing pressure from local authorities.
The group announced its plan in a message posted in the backend of their Ransomware-as-a-Service portal, where other criminal groups typically register in order to get access to the BlackMatter ransomware strain.
Read more on TheRecord.
The announcement, which supposedly was on BlackMatter’s portal for affiliates and dated November 1, was posted on Twitter by the vx-underground account.
BlackMatter ransomware group has announced they’re shutting down operations following pressure from local authorities – they state key members are no longer ‘available’.
Image 1. BlackMatter RaaS announcement of operations shutting down
Image 2. Russian translated to English pic.twitter.com/E4RWWAX7Hg
— vx-underground (@vxunderground) November 3, 2021
But as BleepingComputer cautions, it is not yet clear whether this is real or not. Could this be just part of strategy to disinform or mislead? Or if it is a real shutting down notice, is this just a prelude to another re-branding? Time will tell.