- US law enforcement says Blacksuit has been fully shut down
- Agencies seized servers, domains and digital assets
- Since 2022 the group hit 450 companies and stole millions of dollars
Blacksuit, a ransomware group and a successor of the Royal gang, managed to compromise 450 organizations in the United States and steal $370 million in ransom payments before being shut down by US law enforcement agents, the US Department of Homeland Security (DHS) said.
A press release published on the US Immigration and Customs Enforcement (ICE) website said ICE's Homeland Security Investigations (its most important investigative arm), in coordination with both US and international law enforcement agents, “successfully disassembled critical infrastructure used by Blacksuit ransomware”.
“The operation resulted in the seizures of servers, domains and digital assets used to implement ransomware, mitigate victims and money laundering proceeds,” the release said.
No arrests
The announcement said that since 2022, Royal and Blacksuit ransomware have compromised more than 450 known victims in the United States, including healthcare, education, public security, energy and government sector organizations.
These attacks brought them more than $370 million in cryptocurrency, based on today’s prices.
Unfortunately, no one was arrested, and if history has taught us anything, these threat actors will be back sooner rather than later.
While disrupting infrastructure is commendable and will certainly make things difficult for the threat actors in the short term, they will not have trouble restoring hardware, especially with $370 million in their pockets.
Previously, the FBI, US Homeland Security, the US Department of Justice (DOJ) and other partners defaced Blacksuit’s main website as well as its extortion and data leak sites in an operation called “Operation Checkmate”.
A US Department of Health and Human Services publication from late November 2023 said Blacksuit was first spotted in May of the same year, showing “striking parallels with Royal, the direct successor of the previously notorious Russian-bound Conti operation”.
“This operation hits a critical blow to Blacksuit’s infrastructure and operations,” said US Secret Service Criminal Investigative Division Special Agent in Charge William Mancino.
“The US Secret Service is required to work with our law enforcement partners to run criminal companies and prevent the implementation of malicious ransomware that victimizes businesses and organizations.”
Via BleepingComputer



