AhnLab cybersecurity researchers: The malware is downloaded and executed from a WSF file within a compressed file, delivered via URL in phishing emails.
Here it comes BlackMatter, the DarkSide and REvil heir. Recorded Future cybersecurity experts: The Ransomware-as-a-Service will target all big industries, except healthcare and governments
Here it comes BlackMatter, the supposed DarkSide and REvil (Sodinokibi) heir. The cybercrime group and RaaS operation just emerged, as Recorded Future cybersecurity experts revealed. According to their public blog, the threat actor group does not conduct attacks against organizations in several industries, including healthcare, critical infrastructure, oil and gas, defense, non-profit, and government. Furthermore, it is currently advertising the purchase of access to corporate networks in the US, Canada, Australia, and the UK. The threat actor is interested in all industries, except healthcare and governments, and has the following requirements for targets: Revenue of $100 million and more, 500-15,000 hosts in the network. BlackMatter offers a $3,000-$100,000 price range for network access, as well as the share from the potential ransom amount.