UK Labour Party announce data breach after being informed of ransomware attack
November 3, 2021
Europe’s largest consumer electronics retailer, MediaMarkt suffers ransomware attack
November 9, 2021

BlackMatter affiliates move to LockBit to continue extortion of BlackMatter ransomware victims after BlackMatter shutdown

With the threat actors behind BlackMatter Ransomware announcing they were shutting down on Monday 1st of November 2021, the remaining affiliates have been moving their victims to the competing ransomware gang. LockBit to continue the extortion of their victims. This has been proven by the fact that in existing BlackMatter negotiation chats to victims, affiliates are now providing victims links to LockBit’s Tor sites where new negotiation pages have been set up for them.

Even though BlackMatter’s infrastructure is still live, they have been showing more signs of shutting down by deleting posts and deactivating their accounts on Russian-speaking hacking forums to hide their presence.

Related posts

June 9, 2023

HWL Ebsworth declare they won’t meet APLHV ransomware gang’s demands

Read more

Leave a Reply

Your email address will not be published.

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.