August 7, 2024 at 06:27PM CISA and the FBI confirmed that the Royal ransomware rebranded to BlackSuit, demanding over $500 million from victims since September 2022. The joint advisory details the gang’s evolution, attack tactics, and linked organizations. Notably, the BlackSuit gang caused a widespread IT outage at CDK Global, affecting over 15,000 car dealerships. … Read more
January 20, 2024 at 10:16AM The 3AM ransomware operation is found to have connections with infamous groups like the Conti syndicate and the Royal ransomware gang. They are using new tactics such as sharing data leaks with victims’ social media followers and using bots to reply to high-ranking accounts on X. 3AM also tested a … Read more
November 14, 2023 at 10:56AM The Royal ransomware gang is potentially preparing for a rebrand or spinoff, as their ransom demands have already exceeded $275 million. The group has targeted over 350 victims worldwide, demanding between $1 million and $12 million in ransom. They primarily gain access through phishing emails and employ partial encryption and … Read more
November 14, 2023 at 09:53AM The FBI and CISA have released guidance on the Royal ransomware operation, suggesting that it may undergo a rebrand. The agencies have observed code overlaps and similarities in intrusion techniques between Royal and BlackSuit ransomware, indicating a potential rebrand or spinoff variant. The advisory provides information on the IOCs and … Read more
November 14, 2023 at 09:27AM The Royal ransomware gang has targeted over 350 organizations worldwide, demanding over $275 million in ransom. The cybercriminals are potentially planning to rebrand their operation, according to the US cybersecurity agency CISA and the FBI. The gang has attacked entities in critical infrastructure, education, healthcare, and manufacturing sectors, demanding payments … Read more