Tech Giant Olympus Hit by Ransomware Attack from ‘BlackMatter’, Successor of DarkSide

Richard Marley

September 13, 2021

More than 40 ransomware attacks have been attributed to BlackMatter, a ransomware-as-a-service group that has targeted Japanese tech giant Olympus.

In a brief statement on Sunday, Olympus said that it is “currently investigating a potential cybersecurity incident” that has affected its European, Middle East and Africa computer network.

The statement says, “Upon detection of suspicious activity, we immediately mobilized a specialized response team including forensics experts, and we are currently working with the highest priority to resolve this issue. As part of the investigation, we have suspended data transfers in the affected systems and have informed the relevant external partners”.

The group behind the ransomware attack on Olympus has been identified as BlackMatter – a Ransomware-as-a-Service (RaaS) group that is considered as a successor of criminal groups DarkSide and REvil. High-profile cases initiated by these two groups include the Colonial Pipeline and Kaseya ransomware attacks.

A ransom note positioned on the infected computers claims the attack has been launched by BlackMatter. It says, “Your network is encrypted, and not currently operational,” it reads. “If you pay, we will provide you the programs for decryption.”

Ever since the BlackMatter group emerged in June, more than 40 ransomware attacks have been attributed to them. However, the total number of victims is likely to be significantly higher.

Olympus is a world-renowned multinational Japanese technology company, which originally focused on optics and reprography products. It is best known for its cameras, which are commonly used in the industry of photography and other forms of media.

While no updates have been provided by either sides, the BlackMatter and Olympus ransomware attack shows how big of a threat is directed at Big Tech companies.