BlackMatter
Description
(BleepingComputer) While researching the new ransomware group, BleepingComputer found a decryptor from a BlackMatter victim and shared it with Emsisoft CTO and ransomware expert Fabian Wosar.
After analyzing the decryptor, Wosar confirmed that the new BlackMatter group is using the same unique encryption methods that DarkSide had used in their attacks.
Names
Name |
---|
BlackMatter |
Category
Malware
Type
- Ransomware
- Big Game Hunting
Information
- https://therecord.media/blackmatter-ransomware-targets-companies-with-revenues-of-100-million-and-more/
- https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-gang-rises-from-the-ashes-of-darkside-revil/
- https://www.bleepingcomputer.com/news/security/darkside-ransomware-gang-returns-as-new-blackmatter-operation/
- https://therecord.media/an-interview-with-blackmatter-a-new-ransomware-group-thats-learning-from-the-mistakes-of-darkside-and-revil/
- https://www.bleepingcomputer.com/news/security/linux-version-of-blackmatter-ransomware-targets-vmware-esxi-servers/
- https://medium.com/s2wlab/blackmatter-x-babuk-using-the-same-web-server-for-sharing-leaked-files-d01c20a74751
- https://us-cert.gov/ncas/alerts/aa21-291a
- https://blog.emsisoft.com/en/39181/on-the-matter-of-blackmatter/
- https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/blackmatter-data-exfiltration
- https://illusive.com/resources/threat-research-blog/preventing-blackmatter-ransomware-from-encryption-of-available-remote-share/
- https://blog.talosintelligence.com/2022/03/from-blackmatter-to-blackcat-analyzing.html
Malpedia
- https://malpedia.caad.fkie.fraunhofer.de/details/win.blackmatter
- https://malpedia.caad.fkie.fraunhofer.de/details/elf.blackmatter
Other Information
Uuid
1ccb7a82-d909-4638-b970-99f30d53c854
Last Card Change
2022-04-03