In a startling turn of events on March 6, 2024, the notorious BlackCat ransomware threat actors executed an exit scam, shutting down their darknet website and leaving the cybersecurity community in disarray. Security researcher Fabian Wosar revealed the group’s deceptive move, pointing out irregularities in a law enforcement seizure banner. Denying any involvement, the U.K.’s National Crime Agency contradicted rumors of their intervention, while recorded screenshots from BlackCat actors claimed federal interference and an intention to sell the ransomware’s source code for $5 million. With reports of a $22 million ransom payment from UnitedHealth’s Change Healthcare unit, the group’s refusal to share the proceeds sparked internal strife, leading to speculations of an exit scam or a strategic rebranding for future operations. This abrupt disappearance, coupled with other cyber threats’ developments, underscores the dynamic nature of the cyber underworld and the constant challenges faced by cybersecurity professionals in safeguarding digital landscapes.
https://thehackernews.com/2024/03/exit-scam-blackcat-ransomware-group.html