ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool BlackMatter

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: BlackMatter

NamesBlackMatter
CategoryMalware
TypeRansomware, Big Game Hunting
Description(BleepingComputer) While researching the new ransomware group, BleepingComputer found a decryptor from a BlackMatter victim and shared it with Emisosft CTO and ransomware expert Fabian Wosar.

After analyzing the decryptor, Wosar confirmed that the new BlackMatter group is using the same unique encryption methods that DarkSide had used in their attacks.
Information<https://therecord.media/blackmatter-ransomware-targets-companies-with-revenues-of-100-million-and-more/>
<https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-gang-rises-from-the-ashes-of-darkside-revil/>
<https://www.bleepingcomputer.com/news/security/darkside-ransomware-gang-returns-as-new-blackmatter-operation/>
<https://therecord.media/an-interview-with-blackmatter-a-new-ransomware-group-thats-learning-from-the-mistakes-of-darkside-and-revil/>
<https://www.bleepingcomputer.com/news/security/linux-version-of-blackmatter-ransomware-targets-vmware-esxi-servers/>
<https://medium.com/s2wlab/blackmatter-x-babuk-using-the-same-web-server-for-sharing-leaked-files-d01c20a74751>
<https://us-cert.gov/ncas/alerts/aa21-291a>
<https://blog.emsisoft.com/en/39181/on-the-matter-of-blackmatter/>
<https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/blackmatter-data-exfiltration>
<https://illusive.com/resources/threat-research-blog/preventing-blackmatter-ransomware-from-encryption-of-available-remote-share/>
<https://blog.talosintelligence.com/2022/03/from-blackmatter-to-blackcat-analyzing.html>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.blackmatter>
<https://malpedia.caad.fkie.fraunhofer.de/details/elf.blackmatter>
AlienVault OTX<https://otx.alienvault.com/browse/global/pulses?q=tag:blackmatter>

Last change to this tool card: 03 April 2022

Download this tool card in JSON format

Previous: BlackLotus
Next: BlackMould

All groups using tool BlackMatter

ChangedNameCountryObserved

APT groups

 Carbanak, AnunakUkraine2013-Apr 2023X

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents
Telephone +66 (0)2-123-1227
E-mail [email protected]