BlackMatter ransomware group may have shut down operations

[Ed. Note: This piece has been updated to include information about BlackCat, which has potential links to BlackMatter.]

The U.S. Department of Health and Human Services’ cybersecurity arm released a bulletin this week with some rare good news: The BlackMatter ransomware-as-a-service program appears to have shut down operations.  

“While [the Health Sector Cybersecurity Coordination Center] previously identified multiple healthcare and public health (HPH) sector or health sector-affiliated organizations impacted by this malware, the group has not claimed a victim since October 31, 2021,” said the HC3 analyst note.  

As such, HC3 reduced the threat level posed by the group from “yellow,” or “elevated,” to “blue,” or “guarded.” 

WHY IT MATTERS  

BlackMatter is a Russian-speaking group with likely origins in Eastern Europe.   

Although the operation claimed not to target healthcare entities, HC3 considered it to be a highly sophisticated operation that posed an “elevated risk” to the sector; in September, the agency released a briefing warning as much.

In fact, HC3 said it is aware of at least four healthcare or healthcare-related organizations that have been impacted by BlackMatter ransomware incidents – including a medical testing and diagnostics company, a pharmaceutical consulting company, and a dermatology clinic, all in the United States.  

“A global medical technology company based in the Asia-Pacific region also suffered a BlackMatter incident,” read the analyst note.  

In October, federal agencies issued a Cybersecurity Advisory providing information on BlackMatter ransomware, suggesting that the group is a possible rebrand of the DarkSide ransomware-as-a-service organization. And on Wednesday, some analysts said that BlackCat, the ransomware group possibly behind a recent attack on two German oil companies, is likely another rebrand.

However, October was the same month BlackMatter appeared to claim its last victim.  

“On November 1, BlackMatter claimed it was shutting down operations following pressure from local law enforcement and stated that key members of its group were ‘no longer available,’” said the HC3 note.

“Shortly thereafter, the existing BlackMatter victims were moved to the competing LockBit ransomware negotiation site,” it continued.  

THE LARGER TREND  

BlackMatter’s predecessor, REvil, has also receded from the threat landscape following several high-profile attacks on healthcare organizations.  

In November, the U.S. Department of Justice announced that it had taken action against two individuals accused of using the ransomware to attack U.S. businesses and government agencies.

“The arrest of Yaroslav Vasinskyi, the charges against Yevgeniy Polyanin and seizure of $6.1 million of his assets, and the arrests of two other Sodinokibi/REvil actors in Romania are the culmination of close collaboration with our international, U.S. government and especially our private sector partners,” said FBI Director Christopher Wray in a statement at the time.  

ON THE RECORD  

“HC3 can confirm that the BlackMatter leak site is no longer operational and no known ransomware variants are believed to be successors at this time, according to open source reporting,” said the agency.

Still, it warned, “While the group appears to have shut down operations, other actors seeking lucrative payouts from ransomware attacks are likely to fill this void.”  

Kat Jercich is senior editor of Healthcare IT News.
Twitter: @kjercich
Email: kjercich@himss.org
Healthcare IT News is a HIMSS Media publication.
