Ransomware groups used this year to carry out unprecedented attacks: Kaseya, Colonial Pipeline, and the meat company JBS Foods. These attacks were proof that those groups really want to be known. However, these cybercriminals lost millions of dollars because of a faulty update to the code of the ransomware group BlackMatter, the group behind the Colonial Pipeline attack. Keep reading to learn more!
BlackMatter ransomware group is the most affected
BlackMatter is the ransomware group that planned the attack on Colonial Pipeline, one of the most critical attacks of recent years because the target was critical infrastructure on which citizens depend. That attack earned them higher profits, but due to a bug in their code update, these cybercriminals lost millions of dollars and stolen data, all thanks to a group of cybersecurity experts who took advantage of the bug.
This is an interesting case that shows ransomware groups are not exempt from mistakes in their code or in updates to their systems. Of course, they continue to be a threat, but this huge mistake is strong proof that they are not almighty. Experts are trying to study and use this bug to learn more about these groups.
Cybersecurity experts are working to recover data and money
Experts at Emsisoft are the ones working to recover the data stolen by BlackMatter without paying a single dollar. It all started when the group decided to reappear under the name BlackMatter; when the Colonial Pipeline attack happened, they were known as DarkSide. The reappearance came with new malware code, but the group made a critical mistake in the update. Emsisoft discovered the bug and started working on it.
Decrypting the stolen files and returning access to their rightful owners was the experts' top priority. This is the main reason the cybercriminals lost millions of dollars, and it is a very severe blow to the group and to ransomware attacks. The company was quick to track down victims in the United States and Europe. They also helped victims recover hundreds of millions in cryptocurrency. The final sum hasn't been stated.
Of course, this is just a small battle in the war to end ransomware attacks, but it is definitely a huge blow to that community. Cybercriminals losing millions is not common, which makes this an important step in that war. Keep in touch with our blog to read the latest news and innovations in the cybersecurity world.