BlackSuit Ransomware Gang Servers Seized by Authorities

BlackSuit Ransomware Gang Infrastructure Seized in Joint Operation
A collaborative effort between U.S. and European law enforcement agencies has resulted in the seizure of critical infrastructure utilized by the BlackSuit ransomware group.
This notorious hacking collective has been implicated in a series of significant cyberattacks over the past several years.
Details of the Law Enforcement Action
German prosecutors announced this week that servers and systems belonging to the BlackSuit gang were taken down during an operation conducted on July 24th.
The operation successfully secured a substantial volume of data, which will be instrumental in identifying those responsible for the attacks.
By disabling the servers, authorities effectively disrupted the distribution of the BlackSuit ransomware.
Impact and Victimology
Investigations reveal that BlackSuit has impacted a total of 184 victims globally, with a notable number located within Germany.
The gang’s dark web leak site, previously used to publish stolen data and coerce ransom payments, is currently inaccessible.
Visitors to the site are now met with a seizure notice indicating its removal by an international law enforcement investigation.
International Cooperation
The successful operation was carried out with the assistance of ICE’s Homeland Security Investigations unit and Europol.
Requests for comment directed to ICE representatives have not yet received a response.
Initial reports suggest U.S. authorities disclosed the seizure earlier in the week, though the status of any potential arrests remains unclear.
BlackSuit’s History and Evolution
BlackSuit has emerged as a highly active ransomware operation in recent years.
Targets have included U.S. cities, such as Dallas, alongside organizations operating within the manufacturing, communications, and healthcare sectors.
In 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning regarding the gang’s rebranding from Royal to BlackSuit.
Ransomware groups frequently undergo such transformations – spinning off or merging – to evade sanctions and continue profiting from malicious cyber activity.
Emergence of a Successor Group
Security researchers have identified a new ransomware group, named Chaos, which is believed to be made up of former members of the BlackSuit gang.

