Ransomware Expert Offer Insights On BlackMatter Data Exfiltration Tool

It’s not surprising that they are focusing specifically on extracting data, given these are ultimately the crown jewels of any organization from customer data to trade secrets and employee information. Any data that can be used for extortion is fair game and so it makes sense to focus on this from the attacker’s perspective. The approach is not really new though – most ransomware uses some form of exfiltration already, they just use different approaches to do this. This particular example is exfiltrating the data before putting up a paywall, which is a different sequence than we typically see. I am not sure I would say it is more dangerous than any others though, just a slightly different approach. 

The lack of repercussions and danger associated with ransomware continues to attract new entrants on a daily basis. There are virtually no barriers to entry and it is very easy to work with many of these gangs and utilize their technologies, so the attacks will only continue to grow.