December 8, 2023 at 08:10PM
The Dark Web leak site operated by the ransomware group ALPHV/BlackCat was taken offline on Dec. 7, possibly due to law enforcement action. RedSense Intelligence confirmed the takedown on social media, but its verification is pending. The group has targeted over 650 companies. Law enforcement is under scrutiny for not being more aggressive against the group’s affiliates.
Based on the meeting notes, it appears that a Dark Web leak site operated by the ransomware group APLHV/BlackCat was taken offline on Dec. 7. Threat intelligence experts have confirmed that this outage is part of a law enforcement action against the group. RedSense Intelligence also confirmed this takedown on social media on Dec. 8. However, Dark Reading has not been able to independently verify the involvement of law enforcement in the takedown.
Since November 2021, BlackCat/ALPHV has listed more than 650 companies on its leak site. There has been scrutiny on law enforcement for not taking more aggressive action against BlackCat/ALPHV affiliates like Scattered Spider, a ransomware group behind cyberattacks against MGM Resorts, Caesars, and others. The FBI and CISA released a joint advisory on Nov. 16 regarding Scattered Spider, noting their use of BlackCat/ALPHV ransomware for cybercrimes. The situation is still developing.