The Week in Ransomware – March 8th 2024 – Waiting for the BlackCat rebrand

The Week in Ransomware - March 8th 2024 - Waiting for the BlackCat rebrand

March 8, 2024 at 06:40PM

The BlackCat/ALPHV ransomware gang has shut down after scamming an affiliate for $22 million, amidst increasing calls for a federal ban on ransom payments. Other ransomware activity includes various new variants identified by PCrisk and coordinated attacks by GhostSec and Stormous groups. The impact spans sectors from healthcare to beer production.

If you have any more questions or need further assistance, please feel free to ask.

Based on the provided meeting notes, it appears the ransomware gang ALPHV/BlackCat has been involved in multiple attacks on critical infrastructure, including the healthcare system in the US. The gang has shut down its servers amid claims that they scammed an affiliate responsible for an attack on Optum, operator of the Change Healthcare platform, of $22 million. Additionally, there are reports of new ransomware variants and attacks by other ransomware groups such as GhostSec, Stormous, MedusaLocker, and LockBit 3.0. It is noted that the FBI has indicated an increase in reported losses from cybercrimes and talk of a federal ban on ransom payments is getting louder.

The meeting notes also highlight incidents such as the ransomware attack on Duvel Moortgat Brewery, a cyber incident affecting UK’s nuclear submarine training provider Capita, and a data breach following a ransomware attack on Xplain, which impacted thousands of sensitive government files in Switzerland.

Furthermore, it mentions that Optum’s Change Healthcare has started to bring systems back online after suffering a crippling ransomware attack. It seems that the cybersecurity landscape remains turbulent with ongoing ransomware threats and attacks on critical infrastructures, increasing concerns about the financial impact and the need for regulatory action.

Full Article