In a year rife with ransomware attacks, when cybercriminals have held the data of police departments, grocery and pharmacy chains, hospitals, pipelines and water treatment plants hostage with computer code, it was a win, rare in the scale of its success.
For months, a team of security experts raced to help victims of a high-profile ransomware group quietly recover their data without paying their digital assailants a dime.
It started in late summer, after the cybercriminals behind the Colonial Pipeline ransomware attack, known as DarkSide, emerged under a new name, BlackMatter. Soon after, the cybercriminals made a glaring mistake that most likely cost them tens, if not hundreds, of millions of dollars.
Ransomware criminals encrypt a victim's data and demand a ransom payment, sometimes millions of dollars, to return access. But when BlackMatter committed a critical error in an update to its code, researchers at Emsisoft, a cybersecurity firm in New Zealand, realized they could exploit the error, decrypt files and return access to the data's rightful owners.From The New York Times
No entries found