IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

US offers $10 million for information on BlackMatter ransomware operators

The sizeable reward will be given to anyone who can aid the investigation into those believed to be behind the Colonial Pipeline attack

The US Department of State has said it will issue a reward up to $10 million (£7.4 million) to any individual who can provide it with information leading to the identification or location of any senior member of the group behind the BlackMatter ransomware tool.

An additional reward of up to $5 million (£3.7 million) will also be given to anyone who can provide information leading to the arrest or conviction of anyone involved in the distribution, or attempted distribution, of the ransomware.

The Department of State announced the initiative on Thursday, stepping up its pursuit of those who may be involved in the cyber attack on Colonial Pipeline earlier this year.

DarkSide was the malware believed to be used in the attack, which forced the US to suspend 5,500 miles of pipeline between Texas and New York, wreaking havoc on the nation's fuel supplies and spiking oil prices.

As IT Pro reported earlier this week, the BlackMatter group had confirmed it was ceasing operation following 'mounting pressure from law enforcement' and is believed to be a rebrand of the group which distributed DarkSide in the US earlier this year.

The ransomware gang issued the statement to its ransomware-as-a-service (RaaS) portal, which is used by clients, past and present, to access their copy of BlackMatter.

Experts have said that due to BlackMatter's recent success, and the lucrative nature of the business, it's likely the group will re-emerge - most likely under a different alias.

Related Resource

The best defence against ransomware

How ransomware is evolving and how to defend against it

Blue padlock Free download

"In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cyber criminals," the department said in a statement. "The United States looks to nations who harbour ransomware criminals that are willing to bring justice for those victim businesses and organisations affected by ransomware."

Following the attack on Colonial Pipeline, its CEO confirmed the company paid a $4.4 million (£3.2 million) ransom to the hackers, $2.3 million (£1.7 million) of which was subsequently recovered by the Department of Justice.

The reward is being offered under the Department of State’s Transnational Organised Crime Rewards Program (TOCRP), which has led to the convictions of more than 75 transnational criminals. The TOCRP has paid more than $135 million (£100.4 million) in rewards to date.

The rewards programme is split into two branches: one is focused on the distribution of narcotics, and the other is for transnational organised crime. Both can issue rewards of up to $25 million (£18.5 million) for information leading to the arrest and/or conviction of members of significant transnational criminal organisations.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Darktrace AI’s Antigena helps stop ransomware attack at Dordogne GHT
ransomware

Darktrace AI’s Antigena helps stop ransomware attack at Dordogne GHT

13 Apr 2022
Sabbath hackers are targeting US schools and hospitals
ransomware

Sabbath hackers are targeting US schools and hospitals

29 Nov 2021
Out-of-hours ransomware attacks have a greater impact on revenue
ransomware

Out-of-hours ransomware attacks have a greater impact on revenue

18 Nov 2021
US and Israel join forces to fight ransomware
ransomware

US and Israel join forces to fight ransomware

15 Nov 2021

Most Popular

Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
How full-stack observability can accelerate IT innovation
Sponsored

How full-stack observability can accelerate IT innovation

3 May 2022