• Latest
  • Trending
BlackMatter Group Speeds Up Data Theft with New Tool

BlackMatter Group Speeds Up Data Theft with New Tool

December 31, 2021
Apple is reportedly testing iPhones with USB-C

Apple is reportedly testing iPhones with USB-C

May 16, 2022
Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

May 16, 2022
AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU

AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU

May 16, 2022
GrAI Matter Labs Unveils sparsity-native AI SoC

GrAI Matter Labs Unveils sparsity-native AI SoC

May 16, 2022
Tecnotree Launches a Transformation Suite for MTN Ghana

Tecnotree Launches a Transformation Suite for MTN Ghana

May 16, 2022
Ghana with Moringa School and Brighter Investment to promote digital skills for jobs

Ghana with Moringa School and Brighter Investment to promote digital skills for jobs

May 16, 2022
SA Obscure Technologies announces strategic alliance with DNSSense

SA Obscure Technologies announces strategic alliance with DNSSense

May 16, 2022
SLVA Cybersecurity to provide crucial new API security solutions

SLVA Cybersecurity to provide crucial new API security solutions

May 16, 2022
Samsung PRO Endurance Up to 256GB microSD Memory Card

Samsung PRO Endurance Up to 256GB microSD Memory Card

May 16, 2022
Apacer AS2280Q4U M.2 PCIe Gen4 x4 NVMe 1.4 for PS5

Apacer AS2280Q4U M.2 PCIe Gen4 x4 NVMe 1.4 for PS5

May 16, 2022
ProGrade Digital SDXC UHS-II V90 512GB U3 Memory Card

ProGrade Digital SDXC UHS-II V90 512GB U3 Memory Card

May 16, 2022
Team Group T-Force Vulcan Z SATA 2.5-Inch With 3D TLC Flash

Team Group T-Force Vulcan Z SATA 2.5-Inch With 3D TLC Flash

May 16, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Monday, 16 May, 2022
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

BlackMatter Group Speeds Up Data Theft with New Tool

by ITECHNEWS
December 31, 2021
in Infosec, Leading Stories
0 0
0
BlackMatter Group Speeds Up Data Theft with New Tool

Security researchers have discovered a new data exfiltration tool designed to accelerate information theft for ransomware groups using the BlackMatter variant.

 

YOU MAY ALSO LIKE

Apple is reportedly testing iPhones with USB-C

Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

The Symantec Threat Hunter team explained in a new blog post today that the custom tool is the third discovery of its kind, following the development of the Ryuk Stealer tool and the LockBit-linked StealBit.

 

Dubbed “Exmatter,” it is designed to steal specific file types from selected directories and then upload them to a server under the control of BlackMatter attackers.

 

This process of whittling down data sources to only those deemed most profitable or business-critical is designed to speed up the whole exfiltration process, presumably so the threat actors can complete their attack stages before being interrupted.

 

After retrieving the drive names of all logical drives on a victim computer and collecting all file pathnames, Exmatter disregards anything under specific directories such as “C:\Documents and Settings.”

 

It only exfiltrates specific file types such as PDFs, Word docs, spreadsheets and PowerPoints, and aims to prioritize those for exfiltration using LastWriteTime.

 

Once exfiltration has been completed, Exmatter looks to overwrite and delete any traces of itself from the victim’s computer.

 

Symantec said it found various versions of the tool, indicating that its developers have tried to refine its functionality to accelerate the process of data theft as far as possible.

 

The researchers claimed BlackMatter itself is linked to the “Coreid” cybercrime group, which may have also been responsible for Darkside — the variant that led to the Colonial Pipeline outage.

 

However, it’s unclear whether Exmatter was developed by this group or one of the many affiliates who use BlackMatter in attacks.

 

“Like most ransomware actors, attacks linked to Coreid steal victims’ data and the group then threatens to publish it to further pressure victims into paying the ransom demand,” Symantec concluded.

 

“Whether Exmatter is the creation of Coreid itself or one of its affiliates remains to be seen, but its development suggests that data theft and extortion continues to be a core focus of the group.”

 

The US authorities issued an alert on BlackMatter in mid-October, after it began to target critical infrastructure providers. One vendor claims it may still help victims of the ransomware variant after finding a bug in its code.

Source: Phil Muncaster UK / EMEA News Reporter
Via: Infosecurity Magazine
Tags: BlackMatter
ShareTweetShare

Get real time update about this post categories directly on your device, subscribe now.

Unsubscribe

Search

No Result
View All Result

Recent News

Apple is reportedly testing iPhones with USB-C

Apple is reportedly testing iPhones with USB-C

May 16, 2022
Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

May 16, 2022
AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU

AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU

May 16, 2022

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

Apple is reportedly testing iPhones with USB-C

Apple is reportedly testing iPhones with USB-C

May 16, 2022
Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC

May 16, 2022

Recent News

  • Apple is reportedly testing iPhones with USB-C May 16, 2022
  • Nintendo Working on Next-Gen Switch Powered by an NVIDIA SoC May 16, 2022
  • AMD Instinct MI300 Exascale APU Features Zen4 CPU and CDNA3 GPU May 16, 2022
  • GrAI Matter Labs Unveils sparsity-native AI SoC May 16, 2022
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
Go to mobile version