Hackers from the closed BlackMatter group predicted the decline of ransomware
Hackers from the closed BlackMatter group, which in the West is traditionally associated with the decline of the ransomware market. The statement was made in an interview given by cybercriminals to Sergei Ivanov, founder of the Russian OSINT Telegram channel.
“After we leave, there will only be a few low-profile projects like LockBit. But this is a temporary phenomenon, given the recent geopolitical events, in particular, the transfer of information between the US and Russia, ”said the hacker from BlackMatter. He added that the point of no return was the attack by the DarkSide group on the American Colonial Pipeline system, after which the United States stepped up the fight against cybercrime.
Talking about the reasons for leaving the market, “Russian hackers” spoke about many negative factors that will soon “finally hammer the last nails” in the direction of ransomware. “We prefer to leave early and on our own than enjoy 20 years of a window into a cage. Therefore, we wish everyone peace and good, without us this world will be a better place. And we say hello to the USA. Sometimes plans do not come true, and everything goes wrong, whatever your country wants, it is worth getting used to it, “the cybercriminals noted.
Answering the question about what they liked best in their work, the hackers from BlackMatter responded that they were attracted both by the process itself and by money, clarifying that freedom is also important to them. At the same time, they stated that they had fulfilled their promise made in the summer of 2021 and did not carry out attacks on critical infrastructure facilities in the United States: “Up to 20 percent of companies were not approved (as a target for an attack, – approx. Lenta.ru ) in BlackMatter “.
The cyberattack of the DarkSide group on the American Colonial Pipeline pipeline has provoked a serious fuel crisis in the United States. In a number of cities on the country's east coast, up to 90 percent of gas stations did not work. The President of the United States imposed a state of emergency in the country, and Colonial Pipeline was forced to pay a ransom in the amount of $ 4.4 million.
Shortly thereafter, DarkSide ceased to exist, but in the summer of 2021, the BlackMatter grouping appeared on the darknet. Among specialized specialists and hackers themselves, it was suggested that it was based on cybercriminals from DarkSide. Members of BlackMatter called themselves the new leaders of the darknet, and on hacker forums, representatives of the group announced their readiness to pay for access to hacked corporate networks. The most notorious attacks of the association are associated with the companies New Cooperative and Olimpus.
In November 2021, the group ceased to exist and curtailed its activities. A message about this was posted on one of the hacker resources on the darknet. In it, the criminals complained about pressure from the authorities, as well as the inaccessibility of part of the team “in connection with the latest events,” which, apparently, meant, among other things, active cooperation between Russian and Western special services. Prior to that, after a cyber attack organized by the FBI and the US secret services, another group associated with Russia, REvil, ceased to exist.