Cybersecurity Threat Advisory: BlackMatter Ransomware

The FBI, CISA, and NSA have released a joint advisory about the BlackMatter ransomware gang. This group has been gaining traction with its attacks since July 2021 and claims to be the successor of the DarkSide and REvil ransomware groups.
The following best practices presented by the joint advisory will ensure your assets and those of your clients are secure. (Note from Centristic: Centristic Endpoint Protection already automatically blocks any associated hash values. Centristic Managed Network Security Monitoring offers custom detection mechanisms for this threat. Centristic Ransomware Defense (RDX) recognizes ransomware exploits and will block this attack. However, a best-practice, multi-layer approach is recommended.)
What is the BlackMatter Ransomware gang?
A recent ransomware gang is posing a serious threat to businesses, claiming to be the successor to the infamous DarkSide and REvil ransomware groups. The gang has been setting up a network of affiliates by recruiting threat actors who have access to the networks of large enterprises, in order to infect those networks with its ransomware. They do not target healthcare organizations, critical infrastructure, organizations in the defense industry, or non-profit companies. However, these industries have also been impacted by this ransomware gang.
Ransomware is an extremely difficult threat to combat. It encrypts an organization’s data and oftentimes cripples a business’s infrastructure. Most ransomware attacks include large-scale exfiltration of an organization’s data, which the attacker frequently leverages to pressure victims into paying ransoms. An organization that prepares for a ransomware attack by preparing to recover is being foolhardy. Organizations must protect themselves by preventing infiltration and exploitation.
References
For more in-depth information about the recommendations, please visit the following links:
- https://us-cert.cisa.gov/ncas/alerts/aa21-291a
- https://securityaffairs.co/wordpress/123549/cyber-crime/blackmatter-ransomware-joint-advisory.html
Here is a link to the CISA Ransomware Guidance and Resources page: https://www.cisa.gov/ransomware
Centristic’s effective ransomware solution goes beyond the best practice recommendations outlined by CISA and effectively remediates the risk of ransomware altogether. Our advanced solution meets every criterion and recommendation of the CISA guidelines but adds our patented solution, which mitigates the risk of ransomware once and for all. Get the next-generation solution and forget about ransomware.