German prosecutors say a joint US-European operation has seized infrastructure belonging to the Blacksuit Ransomware Gang, the infamous hacking group that has in recent years condemned several major cyberattacks.
In a new statement this week, German officials said they had seized gang servers and systems as part of the operation on July 24th. Authorities said they have secured “significant amounts of data” that will be used to identify those responsible for the attack.
Authorities said they switched servers and effectively blocked ransomware malware. According to the statement, the Blacksuit had a total of 184 casualties worldwide, of which several were in Germany.
At the time of publication, the Dark Web BlackSuit leak site, which was used by victims to make harm to pay the ransom, was no longer loaded. Currently, the site has a seizure notification saying it has been removed by a “coordinated international law enforcement investigation.”
German officials say the operation proceeded with the help of Ice’s Homeland Security Investigation Forces and Europol. ICE representatives did not reply to requests for comment.
US officials reportedly disclosed the attacks early in the week, following one report. It is not immediately clear whether the arrest was made.
Blacksuits are one of the more prolific ransomware businesses in recent years that have targeted US cities such as Dallas and organizations in the manufacturing, communications and healthcare industry.
In 2024, US cybersecurity agency CISA warned that gangs were rebranding from royals to black suits. It is not uncommon for ransomware gangs to merge with other groups to skirt government-imposed sanctions that make it more difficult for them to benefit from cyberattacks.
Security researchers have since discovered that a new ransomware gang, known as Chaos, is likely to be made up of former members of the Black Suit Gang.
Source link
