US offers up to $15 million for tips on ALPHV ransomware gang

The U.S. State Department is offering rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders.
An additional $5 million bounty is also available for tips on individuals trying to take part in ALPHV ransomware attacks, likely to discourage affiliates and initial access brokers.
The FBI linked this ransomware gang to over 60 breaches worldwide during its first four months of activity between November 2021 and March 2022.
These rewards are provided through the U.S. Transnational Organized Crime Rewards Program, with more than $135 million paid for helpful tips since 1986.
The State Department has set up a dedicated Tor SecureDrop server that can be used to submit tips on ALPHV and other wanted threat actors.
ALPHV surfaced in November 2021 and is believed to be a rebrand of the DarkSide and BlackMatter ransomware operations.
The operation shut down in May 2021 after extensive investigations by law enforcement led to the seizure of their infrastructure following the Colonial Pipeline attack.
The gang re-emerged under the BlackMatter brand, shut down again in November 2021, and returned as ALPHV/BlackCat in February 2022.
ALPHV also recently claimed another pipeline attack against Canada's Trans-Northern Pipelines, which is now investigating these claims after confirming a November 2023 network breach.
In January, the U.S. government also announced rewards of up to $10 million for information on the leaders of the Hive ransomware gang.
The State Department previously announced bounties of up to $15 million for tips on members and affiliates of the Hive, Clop, Conti [1, 2], REvil, and Darkside ransomware operations.
Trans-Northern Pipelines investigating ALPHV ransomware attack claims.
New RustDoor macOS malware impersonates Visual Studio update.
MGM Resorts ransomware attack led to $100 million loss, data theft.
Fidelity National Financial: Hackers stole data of 1.3 million people.
MGM casino's ESXi servers allegedly encrypted in ransomware attack.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 15 Feb 2024 19:00:22 +0000

Cyber News related to US offers up to $15 million for tips on ALPHV ransomware gang

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
6 months ago Esecurityplanet.com

#StopRansomware: ALPHV Blackcat - The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency are releasing this joint CSA to disseminate known IOCs and TTPs associated with the ALPHV Blackcat ransomware as a service identified through FBI ...
6 months ago Cisa.gov

US offers up to $15 million for tips on ALPHV ransomware gang - The U.S. State Department is offering rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders. An additional $5 million bounty is also available for tips on individuals ...
4 months ago Bleepingcomputer.com

ALPHV ransomware claims loanDepot, Prudential Financial breaches - The ALPHV/Blackcat ransomware gang has claimed responsibility for the recent network breaches of Fortune 500 company Prudential Financial and mortgage lender loanDepot. The two companies were added to ALPHV's dark web leak site today, with the threat ...
4 months ago Bleepingcomputer.com

FBI: ALPHV ransomware raked in $300 million from over 1,000 victims - The ALPHV/BlackCat ransomware gang has made over $300 million in ransom payments from more than 1,000 victims worldwide as of September 2023, according to the Federal Bureau of Investigation. In the joint advisory published today in collaboration ...
6 months ago Bleepingcomputer.com

The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
6 months ago Bleepingcomputer.com

ALPHV claims cyberattacks on Prudential Financial, LoanDepot The Register - The ALPHV/BlackCat ransomware group is claiming responsibility for attacks on both Prudential Financial and LoanDepot, making a series of follow-on allegations against them. Neither company has had any of their stolen data leaked at this stage, ...
4 months ago Go.theregister.com

FBI disrupts Blackcat ransomware operation, creates decryption tool - The Department of Justice announced today that the FBI successfully breached the ALPHV ransomware operation's servers to monitor their activities and obtain decryption keys. On December 7th, BleepingComputer first reported that the ALPHV, aka ...
6 months ago Bleepingcomputer.com

The Week in Ransomware - Today's column brings you two weeks of information on the latest ransomware attacks and research after we skipped last week's article. BleepingComputer has learned that some of the BlackCat/ALPHV affiliates are not buying the explanation and have ...
6 months ago Bleepingcomputer.com

Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
3 months ago Bleepingcomputer.com

ALPHV ransomware site outage rumored to be caused by law enforcement - A law enforcement operation is rumored to be behind an outage affecting ALPHV ransomware gang's websites over the last 30 hours. The ALPHV negotiation and data leak sites suddenly became unavailable yesterday and continue to remain down today. ...
6 months ago Bleepingcomputer.com

US offers $10 million for tips on Hive ransomware leadership - The U.S. State Department offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware gang. The FBI says this ransomware group had extorted roughly $100 million from over 1,300 ...
4 months ago Bleepingcomputer.com

The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
5 months ago Securityboulevard.com

Researchers link 3AM ransomware to Conti, Royal cybercrime gangs - Security researchers analyzing the activity of the recently emerged 3AM ransomware operation uncovered close connections with infamous groups, such as the Conti syndicate and the Royal ransomware gang. The 3AM ransomware gang's activity was first ...
5 months ago Bleepingcomputer.com

Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com

Ransomware Groups Gain Clout With False Attack Claims - The cybersecurity community is getting duped by fake breach claims from ransomware groups, experts say - and ransomware misinformation is a threat they predict will only grow in the coming months. The cybersecurity community should know that ...
5 months ago Darkreading.com

Ransomware review: December 2023 - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. In November there were 457 total ransomware victims, making it the most active month for ransomware gangs in 2023 so far besides May. The top ...
6 months ago Malwarebytes.com

FBI: Royal ransomware asked 350 victims to pay $275 million - The FBI and CISA revealed in a joint advisory that the Royal ransomware gang has breached the networks of at least 350 organizations worldwide since September 2022. In an update to the original advisory published in March with additional information ...
7 months ago Bleepingcomputer.com

Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
4 months ago Malwarebytes.com

LockBit ransomware now poaching BlackCat, NoEscape affiliates - The LockBit ransomware operation is now recruiting affiliates and developers from the BlackCat/ALPHV and NoEscape after recent disruptions and exit scams. Last week, the NoEscape and the BlackCat/ALPHV ransomware operation's Tor websites suddenly ...
6 months ago Bleepingcomputer.com

Black Basta ransomware made over $100 million from extortion - Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic. Over 329 victims ...
7 months ago Bleepingcomputer.com

US offering $15m for info on ALPHV/Blackcat ransomware crew The Register - Infosec in brief The US government is offering bounties up to $15 million as a reward for anyone willing to help it take out the APLHV/Blackcat ransomware gang. ALPHV has made a habit of going after critical infrastructure targets, and last week ...
4 months ago Go.theregister.com

Norton Healthcare discloses data breach after May ransomware attack - Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents. Norton Healthcare serves adult and pediatric patients in more than 40 clinics and ...
6 months ago Bleepingcomputer.com

How ransomware gangs are engaging - As ransomware gangs continue to market themselves as legitimate businesses complete with customer service representatives, new research from Sophos showed that threat actors are expanding public relations efforts to further pressure victims into ...
6 months ago Techtarget.com

Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
6 months ago Feeds.fortinet.com

Latest Cyber News

CVE-2024-34481 - 4 hours ago
CVE-2024-39943 - 7 hours ago
CVE-2024-39937 - 8 hours ago
CVE-2024-39936 - 9 hours ago
CVE-2024-39935 - 9 hours ago
CVE-2024-6488 - 9 hours ago
CVE-2024-37472 - 11 hours ago
CVE-2024-39934 - 11 hours ago
CVE-2024-6511 - 11 hours ago
CVE-2024-37474 - 11 hours ago
CVE-2024-37471 - 11 hours ago
CVE-2024-37476 - 12 hours ago
CVE-2024-6513 - 14 hours ago
CVE-2024-39933 - 14 hours ago
CVE-2024-39932 - 14 hours ago
CVE-2024-39931 - 14 hours ago
CVE-2024-39930 - 14 hours ago
CVE-2024-39929 - 15 hours ago
CVE-2024-21520 - 15 hours ago
CVE-2024-22277 - 16 hours ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 6 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-34481 - 4 hours ago
CVE-2024-39937 - 8 hours ago
CVE-2024-39943 - 7 hours ago
CVE-2024-39936 - 9 hours ago
CVE-2024-39935 - 9 hours ago
CVE-2024-37476 - 12 hours ago
CVE-2024-37472 - 11 hours ago
CVE-2024-39934 - 11 hours ago
CVE-2024-6511 - 11 hours ago
CVE-2024-37474 - 11 hours ago
CVE-2024-37471 - 11 hours ago
CVE-2024-6513 - 14 hours ago
CVE-2024-39933 - 14 hours ago
CVE-2024-39932 - 14 hours ago
CVE-2024-39931 - 14 hours ago
CVE-2024-39930 - 14 hours ago
CVE-2024-22277 - 16 hours ago
CVE-2024-39929 - 15 hours ago
CVE-2024-5943 - 18 hours ago
CVE-2024-6507 - 18 hours ago