Waiting for the BlackCat rebrand

We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government.
While the Tor onion domain seizure was a game of tug of war between the FBI and BlackCat, instead of shutting down, the ransomware gang decided to continue operating and vowed to target US critical infrastructure in revenge.
According to an affiliate, Optum, Change Healthcare's parent company and a subsidiary of UnitedHealth, paid a $22 million ransom to the ransomware operation to prevent the leaking of stolen data and to receive a file decryptor.
It is only a matter of time before we see the ransomware operation rebrand under a new name to repeat this cycle.
Finally, the Swiss government also warned that 65,000 of its documents were leaked as part of a Play ransomware attack on Xplain.
March 4th 2024 BlackCat ransomware turns off servers amid claim they stole $22 million ransom.
The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform, of $22 million.
PCrisk found new STOP ransomware variants that append the.
The BlackCat ransomware gang is pulling an exit scam, trying to shut down and run off with affiliates' money by pretending the FBI seized their site and infrastructure.
GhostSec's joint ransomware operation and evolution of their arsenal.
Talos observed the GhostSec and Stormous ransomware groups operating together to conduct several double extortion attacks using the GhostLocker and StormousX ransomware programs against the victims in Cuba, Argentina, Poland, China, Lebanon, Israel, Uzbekistan, India, South Africa, Brazil, Morocco, Qatar, Turkiye, Egypt, Vietnam, Thailand and Indonesia according to our assessment of the disclosure messages posted by the group in their Telegram channels and Stormous ransomware data leak site.
Duvel Moortgat Brewery was hit by a ransomware attack late last night, bringing to a halt the beer production in the company's bottling facilities.
Switzerland: Play ransomware leaked 65,000 government documents.
The National Cyber Security Centre of Switzerland has released a report on its analysis of a data breach following a ransomware attack on Xplain, disclosing that the incident impacted thousands of sensitive Federal government files.
Optum's Change Healthcare has started to bring systems back online after suffering a crippling BlackCat ransomware attack last month that led to widespread disruption to the US healthcare system.
GhostSec's joint ransomware operation and evolution of their arsenal New Makop ransomware variant.
Capita, company providing UK's nuclear submarine training, confirms 'cyber incident' New MedusaLocker ransomware variants.
Trans-Northern Pipelines investigating ALPHV ransomware attack claims.
BlackCat ransomware turns off servers amid claim they stole $22 million ransom.
Ransomware gang claims they stole 6TB of Change Healthcare data.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Sat, 09 Mar 2024 15:40:24 +0000


Cyber News related to Waiting for the BlackCat rebrand

#StopRansomware: ALPHV Blackcat - The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency are releasing this joint CSA to disseminate known IOCs and TTPs associated with the ALPHV Blackcat ransomware as a service identified through FBI ...
1 year ago Cisa.gov
BlackCat Ransomware Raises Ante After FBI Disruption - The U.S. Federal Bureau of Investigation disclosed today that it infiltrated the world's second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang's darknet website, and released ...
1 year ago Krebsonsecurity.com
LockBit ransomware now poaching BlackCat, NoEscape affiliates - The LockBit ransomware operation is now recruiting affiliates and developers from the BlackCat/ALPHV and NoEscape after recent disruptions and exit scams. Last week, the NoEscape and the BlackCat/ALPHV ransomware operation's Tor websites suddenly ...
1 year ago Bleepingcomputer.com
DOJ Seizes Ransomware Site as BlackCat Threatens More Attacks - U.S. law enforcement agencies said they shut down the online operations of the notorious Russia-linked BlackCat ransomware-as-a-service group and developed a decryption tool that will help more than 500 victims regain access to their encrypted data ...
1 year ago Securityboulevard.com
BlackCat Strikes Back: Ransomware Gang "Unseizes" Website, Vows No Limits on Targets - The BlackCat ransomware group, also known as Alphv, has started taking action in response to the recently announced law enforcement operation that involved website seizures and the release of a decryption tool. BlackCat's Tor-based leak website ...
1 year ago Securityweek.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
9 months ago Bleepingcomputer.com
BlackCat ransomware uses new 'Munchkin' Linux VM in stealthy attacks - The BlackCat/ALPHV ransomware operation has begun to use a new tool named 'Munchkin' that utilizes virtual machines to deploy encryptors on network devices stealthily. Manchkin enables BlackCat to run on remote systems or encrypt remote Server ...
1 year ago Bleepingcomputer.com
Law enforcement seizes ALPHV/Blackcat sites, offers decryptor to victims - The US Justice Department announced today a disruption campaign against the Blackcat/ALPHV ransomware group and let victims know that there is a decryptor they can use. Over the past 18 months, ALPHV/Blackcat has emerged as the second most prolific ...
1 year ago Helpnetsecurity.com
Feds Snarl ALPHV/BlackCat Ransomware Operation - After nearly two weeks of speculation, the US Department of Justice has claimed credit for the takedown of ALPHV/BlackCat leak sites and infiltrating the ransomware group's network. Experts speculate this could be a wrap for the ransomware group just ...
1 year ago Darkreading.com
Law Enforcement Reportedly Behind Takedown of BlackCat/Alphv Ransomware Website - The official leak website of the notorious ransomware group known as BlackCat and Alphv has been offline for days and law enforcement is believed to be behind the takedown. The Tor-based BlackCat/Alphv leak site has been inaccessible since December ...
1 year ago Securityweek.com
Feds seize AlphV/BlackCat domain but gang powers on The Register - The US Justice Department is passing a decryptor to more than 500 victims of AlphV/BlackCat's ransomware following a disruption campaign. It believes the decryptor, which will allow victims to recover from ransomware for free, will prevent $68 ...
1 year ago Go.theregister.com
Healthcare giant Henry Schein hit twice by BlackCat ransomware - American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October. Henry Schein is a Fortune 500 healthcare products and services provider with ...
1 year ago Bleepingcomputer.com
FBI Disrupts BlackCat Ransomware Threat Group Activity - The U.S. Justice Department announced on December 19th that the Federal Bureau of Investigations had disrupted the BlackCat ransomware threat group's activity. The FBI offered a decryption tool to more than 500 affected victims. They also encourage ...
1 year ago Heimdalsecurity.com
BlackCat ransomware claims breach of healthcare giant Henry Schein - The BlackCat ransomware gang claims it breached the network of healthcare giant Henry Schein and stole dozens of terabytes of data, including payroll data and shareholder information. Henry Schein is a healthcare solutions provider and a Fortune 500 ...
1 year ago Bleepingcomputer.com
FBI VS. ALPHV/Blackcat: cybergang fights back - Seizure and decryption tool The Department of Justice recently published a press release stating that the FBI, supported by multiple government agencies in Europe, has been able to seize the official website of a cyber gang called BlackCat, also ...
11 months ago Pandasecurity.com
US govt probes if ransomware gang stole Change Healthcare data - The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group subsidiary Optum, which operates the Change Healthcare platform, in late ...
9 months ago Bleepingcomputer.com
LockBit is Recruiting Members of ALPHV/BlackCat and NoEscape Ransomware Outfit - Recruiting affiliates and developers from the troubled BlackCat/ALPHV and NoEscape ransomware operations is one of the calculated steps being taken by the LockBit ransomware group. An ideal opportunity emerged for LockBit to expand its network due to ...
1 year ago Cysecurity.news
FBI Seized ALPHV/Blackcat Ransomware Dark Web Site - Law enforcement agencies, including the FBI, the U.S. Department of Justice, and several European security organizations working under Europol, have successfully taken down the website belonging to the notorious cybercriminal ALPHV, also known as ...
1 year ago Cybersecuritynews.com
Law Enforcement Confirms BlackCat Take Down, Decryption Key Offered to - The takedown of the ALPHV/BlackCat ransomware group's leak site has been confirmed as a result of global law enforcement action. The FBI is now urging over 500 of the group's victims to come forward to receive a decryption key that will enable them ...
1 year ago Infosecurity-magazine.com
US Gov Disrupts BlackCat Ransomware Operation; FBI Releases Decryption Tool - The US government on Tuesday announced the disruption of the notorious BlackCat ransomware-as-a-service operation and released a decryption tool to help organizations recover hijacked data. The Justice Department said the disruption of BlackCat, also ...
1 year ago Securityweek.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
11 months ago Bleepingcomputer.com
Royal ransomware may soon rebrand, BlackSuit links confirmed The Register - The FBI and the US govt's Cybersecurity and Infrastructure Security Agency have released fresh guidance on the Royal ransomware operation, saying that evidence suggests it may soon undergo a long-speculated rebrand. The agencies didn't specify a ...
1 year ago Theregister.com
FBI: ALPHV ransomware raked in $300 million from over 1,000 victims - The ALPHV/BlackCat ransomware gang has made over $300 million in ransom payments from more than 1,000 victims worldwide as of September 2023, according to the Federal Bureau of Investigation. In the joint advisory published today in collaboration ...
1 year ago Bleepingcomputer.com
ALPHV ransomware site outage rumored to be caused by law enforcement - A law enforcement operation is rumored to be behind an outage affecting ALPHV ransomware gang's websites over the last 30 hours. The ALPHV negotiation and data leak sites suddenly became unavailable yesterday and continue to remain down today. ...
1 year ago Bleepingcomputer.com
ALPHV/BlackCat Takedown Appears to Be Law Enforcement Related - A Dark Web leak site known to be operated by the notorious ransomware group APLHV/BlackCat was taken offline on Dec. 7 and now threat intelligence experts have confirmed the outage is part of law enforcement action against the group. Dark Reading has ...
1 year ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)