A new strain of ransomware, named Embargo, written in Rust, recently surfaced along with its Darknet infrastructure. It uses double extortion tactics and is very reminiscent of a recently seized ALPHV group. The novice gang already boasts of 4 victims from different countries. Embargo Ransomware Discovered, Coded in Rust In May 2024, cybersecurity researchers discovered… Continue reading New Embargo Ransomware Discovered, Possible ALPHV Reborn
Tag: ALPHV/BlackCat
ALPHV Ransomware Shut Down, Exit Scam Supposed
On March 5, 2024, ALPHV/BlackCat ransomware claimed its shutdown, “due to the FBI takeover”. Despite the actions from law enforcement really happening to this gang before, there are quite a few signs of this being a false claim. Analysts suppose that ALPHV admins are just trying to pull an exit scam. ALPHV/BlackCat Ransomware Shuts Down… Continue reading ALPHV Ransomware Shut Down, Exit Scam Supposed
ALPHV Site Taken Down by the FBI
On December 19, 2023, one of the ALPHV/BlackCat ransomware sites was taken down by the FBI. The typical FBI banner now decorates its main, while other sites of the cybercrime gang are still online. This event is possibly related to the 5-day downtime of all the gang’s Darknet infrastructure a week ago. ALPHV/BlackCat Ransomware Site… Continue reading ALPHV Site Taken Down by the FBI
Tipalti, Roblox and Twitch Hacked by ALPHV/BlackCat
On December 3, 2023, ALPHV ransomware gang claimed hacking into a fintech software provider Tipalti, Roblox and Twitch, its clients. The approach, however, appears to be unusual, as the gang created a listing that says “but we’ll extort Roblox and Twitch, two of their affected clients, individually”. Criminals promise to publish updated posts on Monday… Continue reading Tipalti, Roblox and Twitch Hacked by ALPHV/BlackCat
Henry Schein was hacked twice by BlackCat ransomware
Henry Schein Global, a healthcare solutions provider, faced a persistent cybersecurity nightmare. The BlackCat/ALPHV ransomware gang is launching a second wave of attacks, claiming to have re-encrypted files after stalled negotiations. The company, headquartered in Melville, New York, is restoring systems. It happened after the cybercrime group took credit for an initial breach on October… Continue reading Henry Schein was hacked twice by BlackCat ransomware
ALPHV/BlackCat Ransomware Reports MeridianLink Hack To SEC
Ransomware Gang ALPHV Takes Unprecedented Step: Files SEC Complaint Over Alleged Victim’s Undisclosed Breach. And no, this is not a joke from ChatGPT. Hackers from BlackCat/ALPHV group found yet another way to make the victim pay the ransom. ALPHV Files SEC Compliant The ALPHV/BlackCat filed a complaint with the U.S. Securities and Exchange Commission (SEC)… Continue reading ALPHV/BlackCat Ransomware Reports MeridianLink Hack To SEC
FIN8 Updated Sardonic Backdoor to Deliver Noberus Ransomware
FIN8, an infamous group of cybercriminals, has updated its backdoor malware to avoid being detected. They made improvements and prepared to release a new type of crimeware called Noberus. This threat actor has returned after inactivity, using a modified version of their Sardonic backdoor to distribute the Noberus ransomware. This is a part of their… Continue reading FIN8 Updated Sardonic Backdoor to Deliver Noberus Ransomware
Barts NHS Trust Hacked by BlackCat/ALPHV Ransomware Group
A Russian cybercriminal gang BlackCat claims to have hacked into one of Britain’s most prominent hospital groups and threatens to release much of its sensitive data. Barts NHS Trust Attacked by ALPHV/BlackCat On June 30, Russian extortionist group BlackCat, aka ALPHV, claimed to have hacked into Barts Health NHS Trust, one of England’s most prominent… Continue reading Barts NHS Trust Hacked by BlackCat/ALPHV Ransomware Group
BlackCat Ransomware Employs Malvertising In Targeted Attacks
Recently malicious actors started using malvertising to spread BlackCat ransomware. They use cloned webpages of popular freeware applications, particularly WinSCP utility. Such downloads result in an infection chain, that consists of a dropper, a backdoor, and, finally, the ransomware. Operators Distributing Ransomware Disguised as WinSCP Researchers acknowledged that BlackCat operators were using malicious ads to… Continue reading BlackCat Ransomware Employs Malvertising In Targeted Attacks
Top famous Ransomware hack groups in 2022
Let’s have a look at the bad boys of this year. During 2022, the factions have been forming and forming again, but one thing is sure – they continue to exist. Despite all efforts, the problem of extortion programs continues to grow: a recent report by IS-Zscaler recorded an 80% increase in attacks by extortion… Continue reading Top famous Ransomware hack groups in 2022