Ransomware gang strikes Iowa agriculture business New Cooperative, the latest hack on food supply chain

The BlackMatter ransomware gang has struck an Iowa agricultural business, New Cooperative, and is demanding a $5.9 million ransom. Several security researchers first called attention to the hack on Monday, and the company confirmed to Bloomberg that it had been hit with a cyberattack and shut down its systems in response. It’s another big hit against the agriculture industry, following the May ransomware attack on JBS by REvil, a gang that researchers said has ties to BlackMatter. New Cooperative is a grain collective based out of Fort Dodge. In negotiations dated Sept. 19 and posted online, a person speaking on behalf of the company said the attack would cause severe problems in the food supply chain. “We are critical infrastructure – we [sic] intertwined with the food supply chain in the US,” they wrote. “If we are not able to recover very shortly, there is going to be a very […]

The post Ransomware gang strikes Iowa agriculture business New Cooperative, the latest hack on food supply chain appeared first on CyberScoop.


Olympus investigating reported ransomware attack with BlackMatter hallmarks

A Japanese technology manufacturer confirmed it is investigating a reported ransomware attack affecting business units in Europe, the Middle East and Africa dating back to Sept. 8. In a statement Saturday, Tokyo-based Olympus said it’s looking into “a potential cybersecurity incident” that resulted in the suspicion of data transfers between relevant systems. The apparent breach is in fact a ransomware incident that began on Sept. 8 and was carried out by a hacker who claims to be affiliated with the BlackMatter extortion group, TechCrunch first reported. The attacker included a note on infected computers promising to decrypt the relevant systems in exchange for payment, according to TechCrunch. “Upon detection of suspicious activity, we immediately mobilized a specialized response team including forensics experts, and we are currently working with the highest priority to resolve this issue,” the company said. The ransom message directed recipients to visit a page reportedly known to be affiliated […]

The post Olympus investigating reported ransomware attack with BlackMatter hallmarks appeared first on CyberScoop.


Groove ransomware gang is a motley crew of disgruntled hackers, researchers say

Another new ransomware gang is making waves with an unconventional structure, its unique pedigree and an early victim. A coalition of researchers on Thursday explained what makes Groove, a gang that quietly emerged in July with a website, different: Namely, it eschews the traditional ransomware-as-a-service hierarchy in favor of an opportunistic pledge that they’ll work with anyone as long as there’s money to be made. The researchers — from McAfee, Intel 471 and Coveware — traced the group’s origins to a likely split with the Babuk gang, part of a trend of turmoil within extortion groups that use the ransomware-as-a-service (RaaS) model where affiliates get to use an outfit’s malware in exchange for sharing profits. For instance, a disgruntled former Conti affiliate recently leaked the group’s attack playbook. Already, there’s evidence the researchers uncovered that Groove has worked with another ransomware gang, BlackMatter, that likewise recently emerged. That group is […]

The post Groove ransomware gang is a motley crew of disgruntled hackers, researchers say appeared first on CyberScoop.


A US official explains why the White House decided not to ban ransomware payments

The Biden administration backed away from the idea of banning ransomware payments after meetings with the private sector and cybersecurity experts, a top cybersecurity official said Wednesday. “Initially, I thought that was a good approach,” Anne Neuberger, deputy national security advisor for cyber and emerging technology, said at an Aspen Security Forum event. “We know that ransom payments are driving this ecosystem.” Experts, including former government officials serving on a non-profit ransomware task force, helped shift that view, following high-profile hacks against Colonial Pipeline, the food production company JBS and Kaseya, a Florida-based IT firm. Payments from the Colonial Pipeline and JBS attacks totaled more than $15 million, a number that likely represents a fraction of the funds sent to extortionists. “We heard loud and clear from many that the state of resilience is inadequate, and as such, if we banned ransom payments we would essentially drive even more of […]

The post A US official explains why the White House decided not to ban ransomware payments appeared first on CyberScoop.


2 new ransomware gangs Haron, BlackMatter appear after REvil, DarkSide

By Sudais Asif
Currently, it is unclear if the Haron and BlackMatter ransomware gangs have been started by the now-defunct REvil and DarkSide ransomware operators.
This is a post from HackRead.com

Threat intel firms suggest ransomware gang ‘BlackMatter’ has ties to DarkSide, REvil hackers

Digital sleuths at cyber threat intelligence firms have found clues that a seemingly new ransomware organization has links to DarkSide and REvil, two gangs that suddenly disappeared shortly after major attacks. From the moment DarkSide vanished following the Colonial Pipeline incident and REvil went dark after locking up JBS and customers of Kaseya, questions swirled about whether a government took them down, whether attackers quit, or whether they simply went underground to rebrand. Flashpoint, Mandiant and Recorded Future on Tuesday and Wednesday said they discovered at least some connection between DarkSide and/or REvil and BlackMatter, a group that emerged last week. “The project has incorporated in itself the best features of DarkSide, REvil, and LockBit,” BlackMatter itself proclaimed, according to Recorded Future. LockBit is another ransomware operation that first appeared in 2019, and all three are thought to operate out of Russia. Exactly what “best features” BlackMatter borrowed from other […]

The post Threat intel firms suggest ransomware gang ‘BlackMatter’ has ties to DarkSide, REvil hackers appeared first on CyberScoop.
