BlackMatter Ransomware Reportedly Shutting Down; Latest Analysis Released
Nov 03, 2021
An analysis of new samples of BlackMatter ransomware for Windows and Linux has revealed the extent to which the operators have continually added new features and encryption capabilities in successive iterations over a three-month period.
No fewer than 10 Windows and two Linux versions of the ransomware have been observed in the wild to date, Group-IB threat researcher Andrei Zhdanov said in a report shared with The Hacker News, pointing out the changes in the implementation of the ChaCha20 encryption algorithm used to encrypt the contents of the files.
BlackMatter emerged in July 2021 boasting of incorporating the "best features of DarkSide, REvil, and LockBit" and is considered the successor to DarkSide, which has since shut down alongside REvil in the wake of law enforcement scrutiny.
Operating under a ransomware-as-a-service (RaaS) model, BlackMatter is believed to have hit more than 50 companies in the U.S., Austria, Italy, France, Brazil, am...