
BlackMatter is a ransomware-as-a-service (RaaS) affiliate program launched in July 2021. "The project has incorporated in itself the best features of DarkSide, REvil, and LockBit," according to the BlackMatter ransomware group. They typically attack Windows and Linux servers and frequently collaborate with initial access brokers (IABs) to facilitate further exploitation. IABs are financially motivated threat actors who profit from the underground sale of remote access to corporate networks.

US CISA (Cybersecurity and Infrastructure Security Agency), FBI, and NSA issued a joint alert (AA21-291A) on October 18, 2021, stating that the BlackMatter ransomware attack has targeted multiple U.S. critical infrastructure entities since its launch. Olympus, a Japanese tech giant, was also a victim of a BlackMatter ransomware attack in September 2021.

In this article, we analyzed tactics, techniques, and procedures utilized by the BlackMatter Ransomware Group to understand their attack methods and the impact of the ransomware. According to our analysis, BlackMatter extensively uses defense evasion techniques to stay under the radar of security controls and achieve their goals. This finding shows that IoC and signature-based approaches would not work against BlackMatter. Reasonable approaches to tackle these threats are behavior-based detection and a proactive defense approach with attack simulation and security control validation.
