Ransomware

BlackSuit ransomware disruption detailed

CyberScoop reports that German officials said the BlackSuit ransomware gang's malware and servers were effectively severed following the global law enforcement effort dubbed "Operation Checkmate" in late July.

More than 150 organizations, most of which were in the U.S., were compromised by BlackSuit before its dismantling, with manufacturing, education, healthcare, and construction the most targeted industries, according to an analysis by Bitdefender, which helped in the ransomware operation's takedown.

Despite being a high-profile ransomware group, BlackSuit had begun shedding its members before the clampdown because more of its victims refused to comply with extortion demands as its Russian origins came to light, said RedSense co-founder and partner Yelisey Boguslavskiy. "It's not that they were concisely preparing for the takedown. Instead, they just felt brand fatigue. They are very prone to rebranding often. It was two years without a rebrand, so the one was coming, and in the meantime, they were using INC as a newer name without baggage," said Boguslavskiy.
