BlackSuit infrastructure dismantled in global raid
Authorities seized servers and assets while disrupting ransomware operations and laundering schemes.
US law enforcement, alongside nine other nations, dismantled the BlackSuit ransomware gang’s infrastructure, replacing its leak site with a takedown notice after a coordinated operation. The group, formerly known as Royal, had amassed over $370 million in ransoms since 2022.
More than 450 victims were targeted across critical infrastructure sectors, with ransom demands soaring up to $60 million. Dallas suffered severe disruption in a notable attack, affecting emergency services and courts.
German authorities seized key infrastructure, securing data that is now under analysis to identify further collaborators. The operation also included confiscating servers, domains and digital assets used for extortion and money laundering.
New research indicates that members of BlackSuit may already be shifting to a new ransomware operation called Chaos. US agencies seized $2.4 million in cryptocurrency linked to a Chaos affiliate, marking a significant blow to evolving cybercrime efforts.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!