Sunday, October 6, 2024
HomeCyber CrimeBlackMatter Affiliates Propagate BlackCat Ransomware

BlackMatter Affiliates Propagate BlackCat Ransomware

Researchers compared the TTPs of two recent ransomware outbreaks, BlackCat and BlackMatter, and observed parallels. The results reveal a substantial link between the two groups.

Research indicates similarities between BlackMatter’s September 2021 attack and BlackCat’s December 2021 attack, revealing a link in persistence, defensive evasion, credentials access, and lateral displacement.

Reverse SSH tunnelling, scheduled tasks, dump Isass, Impacket, RDP, psexec, group policy, and Netlogon sharing are all prevalent TTPs.

Similar file names, the use of the same C2, and the domains utilised to maintain persistent access are all examples of additional correlations. Furthermore, both assaults required over 15 days to complete the encryption stage.

As a result, it’s possible that the affiliate behind BlackMatter will be among the first to use BlackCat.

However, one of BlackCat’s spokespeople previously stated that the ransomware is not a rebranding of BlackMatter and that its affiliates are linked to a number of RaaS gangs.

 

The ransomware known as “BlackCat”

BlackCat is a rapidly expanding RaaS operation that has already attacked a number of organisations throughout the world.

BlackCat operators appear to be in control of the production flow by making a critical service better suited to their needs and earning additional cash.

Conclusion

It’s safe to assume that there are large RaaS business models in which employees transfer from one criminal company to the next, bringing their skills and experience with them. Perhaps this is why we frequently detect overlap in attack infrastructure. BlackCat could play a crucial role in bringing disparate groups together and collaborating.

IEMA IEMLabs
IEMA IEMLabshttps://iemlabs.com
IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments

Izzi Казино онлайн казино казино x мобильді нұсқасы on Instagram and Facebook Video Download Made Easy with ssyoutube.com
Temporada 2022-2023 on CamPhish
2017 Grammy Outfits on Meesho Supplier Panel: Register Now!
React JS Training in Bangalore on Best Online Learning Platforms in India
DigiSec Technologies | Digital Marketing agency in Melbourne on Buy your favourite Mobile on EMI
亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us