Skip to main content
The Darker Things


The Darker Things

Blackmatter and its victims

Read report

In the first blog post on BlackMatter Group-IB discussed how a new ransomware collective

emerged immediately after two of the most active and aggressive gangs, DarkSide and

REvil, disappeared from the public eye after having attacked several high-value targets

such as Toshiba, JBS S.A., Colonial Pipeline, and Kaseya. While in August 2021,

researchers were still uncertain about who was behind the new ransomware family, now

there is no doubt that BlackMatter is the successor to DarkSide, and it is only a matter of

time before they eclipse their predecessor, if they haven't done so already.

A reminder that a US architectural firm was among the first to fall victim to BlackMatter,

and it happened in late July 2021. Since then, the BlackMatter operators' appetites have grown

considerably, the frequency of attacks has increased, and the threat actors seem to have been

constantly improving their tools. The average ransom demand is $5.3 million, with the maximum,

which the attackers demanded from Japan's Olympus Corporation, reaching $30 million.

Read the whole report, by clicking the 'read report' button.