BlackSuit ransomware crew loses servers, domains, and $1m in global shakedown

In a display of bureaucratic bravado, US law enforcement agencies say they've “disrupted” the BlackSuit ransomware gang (also known as Royal), freeing millions of dollars in virtual currency from its clutches.

On July 24, the US Department of Homeland Security Investigations (HSI) - with help from the FBI, Secret Service, and the IRS — seized four servers and nine domains tied to the BlackSuit’s ransomware infrastructure and froze $1,091,453 in virtual currency, the kind of loot one might accrue after shaking down hospitals, schools, energy firms, and government bodies for ransom.

US Department of Justice unsealed the seizure warrant on August 11 and said that the bust had help from cyber-plods in the UK, Germany, Ireland, France, Canada, Ukraine, and Lithuania.

The UK’s National Cyber Security Centre did not immediately respond to The Register’s questions.

The Monday announcement comes weeks after we reported on the seizure ...