• Latest
  • Trending
BlackMatter Group Speeds Up Data Theft with New Tool

BlackMatter Group Speeds Up Data Theft with New Tool

December 31, 2021
Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022
8 Most Common Causes of a Data Breach

5.7bn data entries found exposed on Chinese VPN

August 18, 2022
Fibre optic interconnection linking Cameroon and Congo now operational

Fibre optic interconnection linking Cameroon and Congo now operational

July 15, 2022
Ericsson and MTN Rwandacell Discuss their Long-Term Partnership

Ericsson and MTN Rwandacell Discuss their Long-Term Partnership

July 15, 2022
Airtel Africa Purchases $42M Worth of Additional Spectrum

Airtel Africa Purchases $42M Worth of Additional Spectrum

July 15, 2022
Huawei steps up drive for Kenyan talent

Huawei steps up drive for Kenyan talent

July 15, 2022
TSMC predicts Q3 revenue boost thanks to increased iPhone 13 demand

TSMC predicts Q3 revenue boost thanks to increased iPhone 13 demand

July 15, 2022
Facebook to allow up to five profiles tied to one account

Facebook to allow up to five profiles tied to one account

July 15, 2022
Top 10 apps built and managed in Ghana

Top 10 apps built and managed in Ghana

July 15, 2022
MTN Group to Host the 2nd Edition of the MoMo API Hackathon

MTN Group to Host the 2nd Edition of the MoMo API Hackathon

July 15, 2022
KIOXIA Introduce JEDEC XFM Removable Storage with PCIe/NVMe Spec

KIOXIA Introduce JEDEC XFM Removable Storage with PCIe/NVMe Spec

July 15, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Saturday, 28 January, 2023
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

BlackMatter Group Speeds Up Data Theft with New Tool

by ITECHNEWS
December 31, 2021
in Infosec, Leading Stories
0 0
0
BlackMatter Group Speeds Up Data Theft with New Tool

Security researchers have discovered a new data exfiltration tool designed to accelerate information theft for ransomware groups using the BlackMatter variant.

 

YOU MAY ALSO LIKE

Inaugural AfCFTA Conference on Women and Youth in Trade

Instagram fined €405m over children’s data privacy

The Symantec Threat Hunter team explained in a new blog post today that the custom tool is the third discovery of its kind, following the development of the Ryuk Stealer tool and the LockBit-linked StealBit.

 

Dubbed “Exmatter,” it is designed to steal specific file types from selected directories and then upload them to a server under the control of BlackMatter attackers.

 

This process of whittling down data sources to only those deemed most profitable or business-critical is designed to speed up the whole exfiltration process, presumably so the threat actors can complete their attack stages before being interrupted.

 

After retrieving the drive names of all logical drives on a victim computer and collecting all file pathnames, Exmatter disregards anything under specific directories such as “C:\Documents and Settings.”

 

It only exfiltrates specific file types such as PDFs, Word docs, spreadsheets and PowerPoints, and aims to prioritize those for exfiltration using LastWriteTime.

 

Once exfiltration has been completed, Exmatter looks to overwrite and delete any traces of itself from the victim’s computer.

 

Symantec said it found various versions of the tool, indicating that its developers have tried to refine its functionality to accelerate the process of data theft as far as possible.

 

The researchers claimed BlackMatter itself is linked to the “Coreid” cybercrime group, which may have also been responsible for Darkside — the variant that led to the Colonial Pipeline outage.

 

However, it’s unclear whether Exmatter was developed by this group or one of the many affiliates who use BlackMatter in attacks.

 

“Like most ransomware actors, attacks linked to Coreid steal victims’ data and the group then threatens to publish it to further pressure victims into paying the ransom demand,” Symantec concluded.

 

“Whether Exmatter is the creation of Coreid itself or one of its affiliates remains to be seen, but its development suggests that data theft and extortion continues to be a core focus of the group.”

 

The US authorities issued an alert on BlackMatter in mid-October, after it began to target critical infrastructure providers. One vendor claims it may still help victims of the ransomware variant after finding a bug in its code.

Source: Phil Muncaster UK / EMEA News Reporter
Via: Infosecurity Magazine
Tags: BlackMatter
ShareTweetShare
Plugin Install : Subscribe Push Notification need OneSignal plugin to be installed.

Search

No Result
View All Result

Recent News

Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022
8 Most Common Causes of a Data Breach

5.7bn data entries found exposed on Chinese VPN

August 18, 2022

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022

Recent News

  • Inaugural AfCFTA Conference on Women and Youth in Trade September 6, 2022
  • Instagram fined €405m over children’s data privacy September 6, 2022
  • 5.7bn data entries found exposed on Chinese VPN August 18, 2022
  • Fibre optic interconnection linking Cameroon and Congo now operational July 15, 2022
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Go to mobile version