- Numerous law enforcement agencies teamed up to disrupt Blacksuit
- Ransomware operators had multiple sites seized
- No arrests were made
The notorious ransomware operator Blacksuit has had its infrastructure disrupted by a major law enforcement operation.
As part of the action, Blacksuit’s main website, which was accessed through The Onion Router (Tor), was defaced and left with a banner of the kind law enforcement usually posts after domain seizures.
“This site has been seized by US security investigations in the United States as part of a coordinated international law enforcement investigation,” the banner said.
Medusa claims responsibility
US Homeland Security, the US Department of Justice (DOJ), the FBI and other agencies have not yet published an official announcement of the takedown, but the DOJ has confirmed that the action was part of Operation Checkmate.
In addition to the main site, other sites (including the leak site and the negotiation site) were also shut down.
This was an international operation carried out by the US Secret Service, the Dutch National Police, the German State Criminal Police Office, the British National Crime Agency, the Frankfurt General Prosecutor’s Office, the Ministry of Justice, the Ukrainian Cyber Police, Europol and others.
Bitdefender, a private cyber security company, also helped and said, “We praise our law enforcement partners for their coordination and determination. Operations like this strengthen the critical role of public-private partnerships in tracking, postponement and ultimately to dismantle ransomware groups operating in the shadows.”
A US Department of Health and Human Services report published in late November 2023 said Blacksuit was first spotted in May of the same year, showing “striking parallels with Royal, the direct successor of the previously notorious Russian-bound Conti operation”.
Unfortunately, taking down sites and seizing infrastructure rarely stops ransomware attacks; it just slows them down a bit. It usually takes a few weeks for threat actors to recover and continue where they left off, and they usually don’t stop until they are arrested.
Via BleepingComputer



