The ransomware group, which has distributed ransomware to more than 1,000 victims, reportedly recovered control of its website on Tuesday.
On Dec. 19, the Department of Justice announced the FBI had been working on a disruption campaign against the ransomware group known as ALPHV, Noberus or BlackCat that resulted in the seizure of several of the group's websites, visibility into their network and a decryption tool that could restore stolen data.
International law enforcement agencies from Australia, Denmark, Germany, Spain and the U.K. participated.
ALPHV/BlackCat has been known as a ransomware group since 2021.
Its ransomware, which goes by the same name, is written in the Rust programming language.
The ransomware can be customized for different operating systems, which makes it viable against a wide range of targets.
ALPHV/BlackCat operates ransomware-as-a-service, selling its services and running an advertiser ecosystem around them.
Ransomware group investigated and site temporarily closed by international law enforcement.
The FBI is offering a decryption tool to over 500 victims.
Organizations have been saved from having to pay about $68 million in ransom demands.
Removing BlackCat's fangs and its websites would mean the ransomware group would be able to steal less data in the first place and would lose its marketplace for selling that data to black-market buyers.
The group's remaining rule is that it will not support attacks against the Commonwealth of Independent States, which is a coalition of former Soviet Union nations, including Russia.
To prevent large-scale ransomware attackers from gaining a foothold in business systems, organizations should follow security best practices for preventing malicious code execution.
This Cyber News was published on www.techrepublic.com. Publication date: Wed, 20 Dec 2023 21:43:04 +0000