BlackSuit

Threat Actor

BlackSuit emerged in May 2023 and mainly targets US companies in the education and industrial goods sectors. BlackSuit uses a double-extortion method and other tactics, techniques, and procedures (TTPs) that reflect a maturity atypical of a group that's only been around for a year. This reflects its origin in Royal, which in turn was comprised of members of the formidable and now-defunct Conti ransomware gang.

Malware Used by this Threat Actor

No malware identified for this threat actor.