Mark Rasch writes about a fourth option for ransomware victims in terms of response: … what happens in the case where you are able to identify—either by name, location, computer, IP address, MAC address or otherwise—the individual(s) responsible for the ransomware, extortionware or electronic demand for payment? Right now, a ransomware victim has few options….
Category: Commentaries and Analyses
US Government warns of BlackMatter ransomware attacks against critical infrastructure
Graham Cluley writes: The US Government has issued an alert to organisations about the threat posed by the BlackMatter ransomware group. The government’s Cybersecurity & Infrastructure Security Agency (better known as CISA) issued the advisory earlier this week, following a series of BlackMatter ransomware attacks since July 2021 targeting US critical infrastructure, including two American organisations working…
DarkSide ransomware gang moves some of its Bitcoin after REvil got hit by law enforcement
Catalin Cimpanu reports: The operators of the Darkside and BlackMatter ransomware strains have moved a large chunk of their Bitcoin reserves after news broke that fellow ransomware gang REvil had its servers taken over by a coalition of law enforcement agencies. Approximately 107 BTC ($6.8 million) were moved earlier today, according to Omri Segev Moyal, CEO…
FIN7 Recruits Talent For Push Into Ransomware
There’s a fascinating blog post out today by Gemini Advisory. Here are just the key findings to give you a sense of it all: The cybercriminal group FIN7 has been responsible for large-scale card theft campaigns, resulting in the exposure of over 20 million payment card records, as well as ransomware attacks. Gemini has discovered…
Indiana orthopedics practice becomes a victim of a ransomware attack
I hate to see medical entities become victims of ransomware attacks, but if they do, then I’m glad to see them promptly alert patients to any problems. Central Indiana Orthopedics is a positive example of prompt alerting. The following notice appears on their web site: IMPORTANT ANNOUNCEMENT: We regret to inform you that Central Indiana…
CISA Alert (AA21-291A) BlackMatter Ransomware
Technical Details Overview First seen in July 2021, BlackMatter is ransomware-as-a-service (Raas) tool that allows the ransomware’s developers to profit from cybercriminal affiliates (i.e., BlackMatter actors) who deploy it against victims. BlackMatter is a possible rebrand of DarkSide, a RaaS which was active from September 2020 through May 2021. BlackMatter actors have attacked numerous U.S.-based…