Law Enforcement Confirms BlackCat Take Down, Decryption Key Offered to

The takedown of the ALPHV/BlackCat ransomware group's leak site has been confirmed as a result of global law enforcement action.
The FBI is now urging over 500 of the group's victims to come forward to receive a decryption key that will enable them to restore their systems.
A notice on the notorious ransomware-as-a-service group's website states: 'This Website Has Been Seized.'
The US Department of Justice confirmed the law enforcement disruption campaign in a statement on December 19, 2023.
The DoJ revealed that the FBI has worked with dozens of victims in the US and internationally to develop a decryption tool, which they believe will save multiple victims from ransom demands totaling approximately $68m.

More Websites Seized

Through the investigation, the FBI has gained more visibility into the BlackCat group's computer network, enabling it to seize several more websites it operates.
Acting Assistant Attorney General Nicole M. Argentieri of the Justice Department's Criminal Division vowed to continue the investigation and pursue those behind BlackCat until they are brought to justice.
The DoJ also recognized the critical cooperation of Europol and German and Danish law enforcement in the action, alongside other national police agencies.
It was first reported in early December 2023 that BlackCat was experiencing online disruption, which cybersecurity commentators quickly attributed to law enforcement action.
On December 18, ZeroFox released an analysis of BlackCat's activities from January 2022 to October 2023, finding that it was the second-most leveraged strain in North America and Europe over the period, behind only LockBit.
While welcoming the takedown of the group's leak site, Daniel Curtis, Senior Intelligence Analyst at ZeroFox, emphasized that it will likely only result in a temporary suppression of the threat from its operatives.
Michael McPherson, SVP Technical Operations at ReliaQuest and former FBI special agent, said the law enforcement action is a body-blow to the ransomware ecosystem but by no means a knockout punch.
McPherson believes the potential permanent removal of ALPHV is likely to be a significant short-term disruption to ransomware globally.
Experts also lauded the US government's support for victims of BlackCat, which Raj Samani, SVP and Chief Scientist at Rapid7, said is a vital component of disincentivizing other ransomware attackers.


This Cyber News was published on www.infosecurity-magazine.com. Publication date: Tue, 19 Dec 2023 17:00:12 +0000

