The group appears to be trying to secure its funds for fear of losing them again.
The ransomware operators DarkSide and BlackMatter have withdrawn most of the bitcoins from their cryptocurrency wallets after the news of the special operations' special operation to neutralize the extortionist group REvil.
According to information security expert Omri Segev Moyal, approximately 107 bitcoins (about $ 6.8 million) were transferred from wallets presumably controlled by DarkSide / BlackMatter. The funds were transferred to 7 wallets (7-8 bitcoins each), the rest (38 bitcoins) is stored in a wallet with the address bc1q9jy4pq5su9slh56gryydwkk0qjnqxvfwzm7xl6. It is assumed that hackers will try to launder or cash out funds.
The DarkSide group has attracted the attention of intelligence agencies and the public after a sensational attack on the American operator of the pipeline for the delivery of oil products Colonial Pipeline, which led to disruptions in the delivery of fuel on the East Coast of the United States ... A week after the attack, as a result of the operation of the special services, the group lost its servers and part of the cryptocurrency and announced the cessation of activity.
However, after several months of inactivity, DarkSide is back with a new infrastructure and a new name - BlackMatter. In light of recent events, the group appears to be trying to secure its funds for fear of losing them again.
Moyal has already asked the administrations of cryptocurrency exchanges to block the Darkside / BlackMatter wallets.
The ransomware operators DarkSide and BlackMatter have withdrawn most of the bitcoins from their cryptocurrency wallets after the news of the special operations' special operation to neutralize the extortionist group REvil.
According to information security expert Omri Segev Moyal, approximately 107 bitcoins (about $ 6.8 million) were transferred from wallets presumably controlled by DarkSide / BlackMatter. The funds were transferred to 7 wallets (7-8 bitcoins each), the rest (38 bitcoins) is stored in a wallet with the address bc1q9jy4pq5su9slh56gryydwkk0qjnqxvfwzm7xl6. It is assumed that hackers will try to launder or cash out funds.
The DarkSide group has attracted the attention of intelligence agencies and the public after a sensational attack on the American operator of the pipeline for the delivery of oil products Colonial Pipeline, which led to disruptions in the delivery of fuel on the East Coast of the United States ... A week after the attack, as a result of the operation of the special services, the group lost its servers and part of the cryptocurrency and announced the cessation of activity.
However, after several months of inactivity, DarkSide is back with a new infrastructure and a new name - BlackMatter. In light of recent events, the group appears to be trying to secure its funds for fear of losing them again.
Moyal has already asked the administrations of cryptocurrency exchanges to block the Darkside / BlackMatter wallets.
