BlackSuit had reportedly begun shedding its members before the clampdown.
The BlackSuit ransomware gang had its malware and servers effectively severed following the law enforcement effort dubbed “Operation Checkmate” in late July.
According to CyberScoop, BlackSuit compromised more than 150 organisations, with manufacturing, education, healthcare, and construction the most targeted industries.
The analysis by Bitdefender, which helped in the ransomware operation’s takedown, noted that German officials said the malware and servers were effectively severed following the global law enforcement effort dubbed “Operation Checkmate”.
Despite being a high-profile ransomware group, BlackSuit had begun shedding its members before the clampdown, as more of its victims refused to comply with extortion demands once its Russian origins came to light.
RedSense co-founder and partner Yelisey Boguslavskiy said BlackSuit were very prone to rebranding often, but had not done so for two years.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.