Ethical Hacking News
The Royal and BlackSuit ransomware gangs have left over 450 US companies vulnerable to cybercrime, with combined ransom payments exceeding $370 million. Learn more about the tactics used by these gangs and how businesses can protect themselves.
The Royal and BlackSuit ransomware gangs have compromised over 450 US companies, including entities in healthcare, education, public safety, energy, and government sectors. The groups use tactics like double-extortion methods, custom-made encryption tools, and voice-based social engineering tactics to carry out their attacks. The BlackSuit brand is likely to be rebranded as Chaos ransomware in an effort to avoid detection by law enforcement agencies. Ransom demands from these gangs have exceeded $275 million worldwide since September 2022. B businesses must stay vigilant and implement robust cybersecurity measures, including employee training, regular backups, and secure software updates.
The world of cybersecurity has been plagued by a new wave of threats, as hackers have found innovative ways to exploit vulnerabilities in our digital lives. Among the latest and most devastating attacks is that of the Royal and BlackSuit ransomware gangs, which have left over 450 US companies vulnerable to cybercrime. In this article, we will delve into the details of these gangs' operations, their tactics, and the impact they have had on businesses across the United States.
The Royal and BlackSuit ransomware gangs are believed to be a successor to the notorious Conti cybercrime syndicate, which was dismantled in 2022. According to reports from the US Department of Homeland Security (DHS) and Homeland Security Investigations (HSI), these gangs have compromised over 450 known victims in the United States, including entities in the healthcare, education, public safety, energy, and government sectors.
The groups use a variety of tactics to carry out their attacks, including double-extortion methods, where they encrypt a victim's systems while threatening to leak stolen data to coerce payment. The Royal and BlackSuit ransomware gangs have also been known to deploy custom-made encryption tools, such as the Zeon encryptor, which were initially developed by the group before being shared with other hackers.
One of the most notable attacks carried out by these gangs was in June 2023, when they targeted the City of Dallas, Texas, and tested a new encryptor called BlackSuit. This attack marked a significant shift for the Royal ransomware gang, which had initially deployed encryptors from other groups before developing its own tools.
The groups have also been linked to attacks targeting over 350 organizations worldwide since September 2022, resulting in ransom demands exceeding $275 million. In November 2023, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI confirmed that Royal and BlackSuit shared similar tactics, further solidifying their reputation as a major threat to businesses across the United States.
However, it appears that the BlackSuit brand has been put to rest, at least for now. According to reports from Cisco Talos threat intelligence research group, the BlackSuit ransomware gang will likely rebrand itself again as Chaos ransomware in an effort to avoid detection by law enforcement agencies. The new Chaos ransomware operation has already been linked to double extortion attacks, where they use voice-based social engineering tactics and deploy encryptors that target both local and remote storage.
Despite the efforts of law enforcement agencies, the Royal and BlackSuit ransomware gangs continue to pose a significant threat to businesses across the United States. With their sophisticated tactics and ability to adapt quickly to changing circumstances, these groups are always one step ahead of their victims. It is essential for businesses to stay vigilant and implement robust cybersecurity measures to protect themselves against these types of attacks.
In recent months, we have seen a surge in ransomware attacks targeting password stores, with attackers using stealthy Perfect Heist scenarios to infiltrate and exploit critical systems. According to reports from Trend Micro, the number of malware attacks has increased significantly, with 93% of all malware campaigns leveraging the MITRE ATT&CK techniques.
The recent developments in the world of cybersecurity highlight the importance of staying informed and up-to-date on the latest threats and tactics used by cybercriminals. It is essential for businesses to invest in robust cybersecurity measures, including employee training, regular backups, and secure software updates, to protect themselves against these types of attacks.
In conclusion, the Royal and BlackSuit ransomware gangs are a serious threat to businesses across the United States. Their sophisticated tactics and ability to adapt quickly to changing circumstances make them a formidable opponent for law enforcement agencies. It is essential for businesses to stay vigilant and implement robust cybersecurity measures to protect themselves against these types of attacks.
Related Information:
https://www.ethicalhackingnews.com/articles/Royal-and-BlackSuit-Ransomware-Gangs-The-Global-Cybercrime-Threat-You-Need-to-Know-ehn.shtml
https://www.bleepingcomputer.com/news/security/royal-and-blacksuit-ransomware-gangs-hit-over-450-us-companies/
Published: Fri Aug 8 03:11:36 2025 by llama3.2 3B Q4_K_M
