Law enforcement has seized dark web leaked sites of blacksit ransomware operation, which has targeted and violated the network of hundreds of organizations worldwide over the years.
The US Justice Department today confirmed the Tekdown in an email, stating that the officials involved in the action carried out a court-official seizure of the BlackSit Domain.
Earlier today, the websites on the BlackSit. Onion Domain were replaced with a seizure banner, which was announced that the Sampore gang sites were taken down as part of a joint international action codenamed operation checkmate by the US Homeland Security Investigation Federal Investigation Federal Investigation Federal Law Enforcement Agency.
“The site is seized by the US Homeland Security Investigation as part of a coordinated international law enforcement investigation,” reads the banner.
Other law enforcement officers involved in this joint operation include US Secret Service, Dutch National Police, German State Criminal Police Office, UK National Crime Agency, Frankfurt General Prosecutor’s Office, Justice Department, Ukrainian Cyber Police, Europeol and others.
Romanian Cyber Security Company Bitdefnder was also involved in action, but a spokesperson has not yet replied to reply that today came to Blapping Computer for more details today.
Chaos ransomware ribrand
On Thursday, the Cisco Talos Threat Intelligence Research Group said that it was found evidence that the BlackSit Rainmware Gang suggests that it is likely to rebrand himself once again.
“Tellos assesses with moderate belief that the new Caos ransomware group is either a rebranding of BlackSit (Royal) Ranmware or operated by some former members,” Researchers said,
“This assessment is based on equality in TTP, including encryption command, the theme and structure of ransom and their attacks use lolbin and RMM tools.”
BlackSit started in January 2022 as a quantum ransomware and is believed to be a direct heir Notorious for Conty Cybercrime Syndicate. While he initially used encrypters from other gangs (such as Alfvi/Blackcat), he soon deployed his own zone encrypter and rebrands it as a Royal Ramesware in September 2022.
In June 2023, later Targeting the city of Dallas, Texas, Royal Rainsmware Gang BlackSit began to work under the name, after testing of a new encrypter, which is called among rumors between blacksit Rebranding.
The CISA and FBI first revealed in the joint advisor of November 2023 that the Royal and BlackSit share the same strategy, while their encrypters perform clear coding overlaps. The same advisor linked the Royal Rainsmware gang to target more than 350 organizations worldwide since September 2022, resulting in more than $ 275 million demand for ransom.
Two Agencies confirmed In August 2024 that Royal Rainmware resumed as a blackcit and demanded more than $ 500 million from the victims for more than two years.
CISOS knows how to purchase a board begins with a clear, strategic approach how the cloud safety runs the business price.
This helps to introduce the risk, impact and priorities to the free, editable board report deck deck security leaders in clear business terms. Convert security updates into meaningful conversations and take fast decision in boardroom.
