A major win against cybercrime happened this week, as authorities from around the world teamed up to take down key websites run by the BlackSuit ransomware gang.
If you visit the group’s data leak site or their negotiation portal now, you’ll only see a large notice stating that the site has been seized by law enforcement. This was done as part of a joint crackdown called “Operation Checkmate.”
For victims and cybersecurity experts, this is really good news. The BlackSuit gang used these sites to threaten people and businesses they hacked. Here’s how it worked: After sneaking into a computer network, they would lock up essential files using ransomware, making it impossible for the owner to access their own data.
Then, BlackSuit would steal sensitive files and threaten to post them online if the victim didn’t pay up. All this was handled through their secret websites on the dark web.
However, now that those sites are under the authorities’ control, BlackSuit’s primary method of scaring victims and obtaining money is gone.
They can’t communicate privately with victims to pressure them, and they can’t leak stolen files to hurt organizations or force them to pay. This makes it significantly more challenging for BlackSuit to operate its ransomware business.
The notice left on the seized sites reveals the number of agencies that collaborated to bring them down. Some of the groups listed are the U.S. Department of Homeland Security, the FBI, Europe’s Europol, the UK’s National Crime Agency (NCA), and police organizations from countries like Germany, Ukraine, Lithuania, and Canada.
Seizure notice
There are also a few private partners listed, such as cybersecurity firm Bitdefender, indicating that tech companies and governments are collaborating more than ever to combat hackers.
BlackSuit isn’t a new name in the ransomware world. The group has been attacking hospitals, schools, businesses, and even local governments since early 2023. Some security experts believe they were previously known as the Royal ransomware gang or may have evolved from the infamous Conti group.
Taking down these websites doesn’t mean the problem is completely solved, though. Sadly, cybercrime groups tend to resurface, often under a new name or with a slightly altered scam. Still, police hope this makes things more complicated for them and gives victims hope that something can actually be done about ransomware.
At the end of the day, this operation sends a strong message: messing with people’s data and trying to profit from it won’t be tolerated, and police are willing and able to team up across countries to fight back. For now, at least, it’s checkmate for BlackSuit.
Experience faster, more accurate phishing detection and enhanced protection for your business with real-time sandbox analysis-> Try ANY.RUN now
The post BlackSuit Ransomware’s Data Leak and Negotiation Portal Seized appeared first on Cyber Security News.
