The United States has seized servers, domain names and around $ 1 million in cryptographic active ingredients from the BlackWare Blacksuit group.
The Ministry of Justice said on Monday that several agencies in the application of American and international laws had carried out an operation against black ransomware groups in late July.
The operation included the non-declaration of a mandate for the cryptocurrency crisis evaluated at just over a million dollars, at the time of the crisis, he reported.
“The disruption of the ransomware infrastructure is not only to eliminate the servers, but to dismantle the entire ecosystem which allows cybercriminals to operate with impunity,” added Michael Prado, deputy deputy director of the Homeland Security Investigations Cyer Crimes Center.
Blacksuit is a spin-off of the Royal Ransomware gang and has been working for at least 2023 for at least 2023, with the last crisis to come in the middle of other actions that the United States has taken against ransomware groups, such as the sanction of the Ransomware Aeza Group accommodation provider in July.
The Ministry of Justice said that the withdrawal was led by the internal security surveys of the American department of internal security with the help of the secret services, the IRS and the FBI, as well as the police of the United Kingdom, Germany, Ireland, France, Canada, Ukraine and Lithuania.
Coordinated ransomware attacks
The Ministry of Justice said that the Ransomware group constantly targeted critical infrastructure between sectors, including health care, government facilities, manufacturing and commercial facilities. Victims are generally obliged to pay ransoms in Bitcoin (BTC) via Darknet websites.
Since 2022, Blacksuit has compromised more than 450 victims known in the United States and has received more than $ 370 million in ransom, he added.
Ransomware patterns have used double exposure tactics such as the encryption of victims systems while threatening to disclose stolen data to force payment, the MJ said.
“The persistent targeting of the black ransomware gang of American critical infrastructure represents a serious threat to American public security,” said Deputy Prosecutor General John Eisenberg.
Bitcoin ransom seized
In 2023, a victim paid a ransom of 49.3 BTC, worth around 1.4 million dollars at the time, to decipher their data.
Part of the price of the ransom, the million dollars entered, was deposited several times and withdrawn from an crypto exchange account until the funds were frozen by the exchange in early 2024, he reported, although he did not appoint the exchange.
In relation: Us Crypto Wallet Sanctions Linked to Ransomware, Host Infosseraleur
Rançon requests have generally varied about $ 1 million to $ 10 million in BTC, and the largest ransom required by black combination players was $ 60 million, according to the Cybersecurity and Infrastructure SECURITY Agency.
Crypto ransomware successors arise
In July, the Dallas, Texas, the FBI announced the seizure of 20 BTC worth around 2.4 million dollars of an cryptocurrency address belonging to an eminent member of Chaos Ransomware Group.
Last week, TRM Labs analysts studied how a new ransomware group called embargo may have emerged as a successor operation in Blackcat, that laundrers carry out cryptographic accounts. About 18.8 million dollars in sleep remains in unrelated portfolios, he revealed.
Review: Scottie Pippen says Michael Saylor warned him of Satoshi Chatter