Ransomware
BlackMatter
First seen: 2021-07 • Status: inactive
Currently Inactive
BlackMatter was DarkSide with a new name. They promised not to attack hospitals but shut down quickly anyway.
Overview
BlackMatter emerged as a rebrand of DarkSide. They claimed to avoid critical infrastructure but shut down after just a few months.
How It Spreads
- • RDP exploitation
- • VPN vulnerabilities
What It Does
- • File encryption
- • Data theft
Is your business exposed?
Target Platforms
Windows, Linux, VMware ESXi
Detection Tips
- • Historical threat - possible members joined other groups
MITRE ATT&CK Techniques
T1486, T1567
If You're Infected
- 1.
Decryptors available
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required