Impreza Portal
Sign InMy ServicesMy DomainsMy InvoicesMy Tickets
Blog
Celebrative Logos
Our Platform
Tutorials
Video TutorialsKnowledge Base
Calculator
More
UptimeNetwork StatusAffiliatesJobsAbout us
enGlobal ($ USD)
esEspaña (€ EUR) (Spain (€ EUR))pt-brBrasil (R$ BRL) (Brazil (R$ BRL))
Contact
Submit Ticket (Less than 1hour to answer)Whatsapp (Less than 24hours to answer)Telegram (Less than 24hours to anwer)Report Abuse

Special Offer for Today only!

Maximum power with a
Intel Xeon E-2236

A powerful machine with:

  • Intel Xeon E-2236
  • 64GB DDR4 ECC
  • 2x 960GB NVMe
  • 1Gbps uplink
  • Dallas, TX Datacenter

From

$200/mo

To

  $149/mo

Complete hardware for your Servers, choose any OS you want, reinstall, install, shut it down or turn it on, you’re in control everytime!

Order Now
HOMEDOMAINS

Servers

Whether Offshore or Surface, we have it all, a lot of Server
options for various types of use!

Hosting

Hosting Services ready for your website, whether on
WordPress or another systems, we can handle it!

Email

Be professional online and get an unique Email with your
name or the name of your company!

Security

Browse the web freely by choosing any of our online
security methods, always be anonymous online!

Choose the Hosting Service that will fit you!

Choose a complete Website Hosting for your business, get everything you need to start online

All Products ➤
WEBSITE HOSTINGWEBSITE HOSTINGThe first step to let your website onlineThe first step to let your website onlineKNOW MORE

Get a Hosting Service that works for you and let’s begin a Journey together!

Recommended Services

SSL Certificates

Backup for Websites

Professional Email

CONTACT
Login
Sign InCreate an Account
No Comments

Hacker group accelerates data theft with new tool

 

Researchers on the team at Symantec Threat Hunter, the Enterprise Security Solutions division of Broadcom, have discovered a new data exfiltration tool designed to accelerate information theft for ransomware groups using the BlackMatter variant.

The team of researchers explained in a post on the company’s blog that the custom tool is the third discovery of its kind, after the development of the Ryuk Stealer and StealBit tools linked to the hacker group that operates the LockBit ransomware.

Called Exmatter, the tool is designed to steal specific file types from selected directories and then upload them to a server under the control of BlackMatter attackers.

This process of reducing data sources to only those deemed most profitable or business critical is designed to speed up the entire data exfiltration process, presumably so that threat operators can complete their attack stages before they are discovered and stopped .

After retrieving the names of all logical drives on the victim’s computer and collecting all file names, Exmatter disregards things in specific directories like “C:Documents and Settings”. It only exfiltrates specific file types, such as PDFs, Word documents, spreadsheets and PowerPoints, and aims to prioritize them for exfiltration using LastWriteTime. Once the exfiltration is complete, Exmatter seeks to overwrite and delete any traces of itself from the victim’s computer.

Symantec said it found several versions of the tool, indicating that its developers had tried to refine its functionality to speed up the data theft process as far as possible. The company’s researchers said BlackMatter is linked to cybercrime group Coreid, which may also have been responsible for Darkside, the variant that led to the Colonial Pipeline’s disruption in early May. However, it is unclear whether Exmatter was developed by this group or by one of the many affiliates that use BlackMatter in attacks.

US authorities issued a warning about BlackMatter in mid-October after it began targeting critical infrastructure providers.

 

 

Source: CisoAdvisor

You might also like
Marketing, Programming, Tips, Ecommerce, News
Marketing, Programming, Tips, Ecommerce, News

More Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.