Ransomware gangs have been daring in targeting organizations. Since the pandemic, the healthcare industry has become a prominent target for these gangs. In July, a prolific ransomware gang known as BlackMatter claimed to be the heir to the REvil and DarkSide ransomware gangs. This malicious group has now launched a cyberattack against Olympus, which has made headlines.
On September 8, the Japanese technology firm Olympus was allegedly infected with the BlackMatter ransomware, which compromised its IT systems in the EMEA region. According to the company statement, an investigation is ongoing, data transfers have been halted, and external parties have been notified.
Olympus did not provide any information on the attacker. The ransom notes, however, indicate a cyberattack by BlackMatter.
Furthermore, these ransom notes connect to a Tor website that the threat actor has previously used to communicate with victims.
BlackMatter had exhibited evidence of being the child of REvil and DarkSide. The new ransomware gang appeared after REvil and DarkSide abruptly vanished.
While REvil is back in action, analysts are sceptical of claims that the gang is fully operational. As REvil’s core developer, UNKN, has vanished, it’s unlikely that the group’s other members will resurrect it.
This most recent BlackMatter development suggests that elite REvil operators have joined BlackMatter, reducing REvil to mediocrity.
According to federal agencies, healthcare and public health sector facilities are potential targets of BlackMatter. The attack on Olympus is similar to a series of attacks on the healthcare sector that began last year. Threat actors cannot be trusted, notwithstanding BlackMatter’s assurance that it does not target critical infrastructure.