Black Suit

Malware Profile Updated 24 days ago
Black Suit is malware that emerged as a rebranding of the Royal ransomware; the connection between the two was established through matching binaries. Designed to exploit and damage computer systems, it has been linked to several cyberattacks, notably against institutions such as DePauw University and Zoo Tampa. The malware can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it is capable of stealing personal information, disrupting operations, or holding data for ransom.

The Black Suit ransomware operation made headlines when it claimed responsibility for a major attack resulting in the theft of 214 GB of data. In addition, DePauw University, an Indiana-based liberal arts school, suffered a significant data breach on October 31. The breach compromised data from current and prospective students, and the incident was subsequently claimed by the Black Suit operation. The malware's activities underscore its potential to cause serious disruptions and violations of privacy.

In the broader context of cybersecurity, Black Suit, alongside Royal and Akira, is considered a significant beneficiary of Conti's legacy. Its emergence and activity follow a pattern of disruption and rebranding seen with other malicious programs such as Hive ransomware and BlackByte. The latter also underwent a rebranding process similar to Black Suit's, while another malware, NoEscape (formerly Avaddon), executed an exit scam. These events highlight the evolving nature of cyber threats and the importance of robust defenses against them.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you may also want to look at.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Black Suit Malware was read from the documents corpus below.
Source (created): Title
CERT-EU (3 months ago): Jan Marsalek an Agent for Russia? The Double Life of the former Wirecard Executive
CERT-EU (4 months ago): A look back to plan ahead | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU (4 months ago): Ransomware Activity Surged in 2023, Likely to Evolve in 2024 | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU (6 months ago): DePauw University warns of data breach as ransomware attacks on colleges surge
CERT-EU (3 months ago): Tackling the new generation of cyber threats | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU (6 months ago): Data breach hits DePauw University after Black Suit ransomware attack | #ransomware | #cybercrime | National Cyber Security Consulting
CERT-EU (a year ago): Tampa Bay zoo targeted in cyberattack by apparent offshoot of Royal ransomware
CERT-EU (a year ago): Prince Harry arrives at High Court for hearing against Associated Newspapers over ‘hacking claims’ | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker – National Cyber Security Consulting