New macOS Backdoor Linked to Prominent Ransomware Groups

February 9, 2024 at 04:09PM Bitdefender reports the discovery of the macOS backdoor RustDoor, linked to ransomware families Black Basta and Alphv/BlackCat. The malware supports Intel and Arm architectures and has been undetected since November 2023. It harvests and exfiltrates files, generates victim IDs, and has variants with different functionalities, including impersonating applications. From the …

Defiant BlackCat Gang Stands Up New Site, Calls for Revenge Attacks

December 20, 2023 at 03:40PM BlackCat/ALPHV ransomware leaders claim they’ve restarted operations on their primary blog despite DOJ’s control. In response to law enforcement actions, they’ve lifted the ban on cyberattacks against critical infrastructure. However, experts doubt their ability to make a quick comeback. FBI seized server and data, but BlackCat set up a new site. Cybersecurity insiders warn …

BlackCat Strikes Back: Ransomware Gang “Unseizes” Website, Vows No Limits on Targets

December 20, 2023 at 10:21AM The BlackCat ransomware group, also known as Alphv, faced law enforcement action, leading to website seizures and a decryption tool release. After losing control of their Tor-based site, they established a new leak website and vowed retaliation. The Justice Department seized BlackCat’s communication sites, impacting their affiliates. Security experts anticipate the group may …

Feds Snarl ALPHV/BlackCat Ransomware Operation

December 19, 2023 at 06:50PM The US Department of Justice took down the ALPHV/BlackCat leak sites and infiltrated the ransomware group, potentially forcing its leadership into retirement and affiliates to find a new operator. The FBI is offering a free decryptor to help over 500 victims. The law enforcement action is intended to disrupt cybercrime …

AlphV/BlackCat hacked back as feds offer decryptor to ransomware victims

December 19, 2023 at 10:02AM The US Justice Department is distributing a decryptor to over 500 AlphV/BlackCat ransomware victims, aiming to prevent $68 million in ransom payments. This follows a joint operation with global authorities, which also defaced the group’s old leak site. Questions remain about the impact of the disruption campaign and the future …

FBI disrupts Blackcat ransomware operation, creates decryption tool

December 19, 2023 at 09:19AM The FBI successfully breached the ALPHV ransomware operation, obtaining decryption keys and monitoring its activities. Over 500 victims received free decryption keys. The FBI has seized the data leak site and created a free decryption tool. Affiliates are now contacting victims directly, and the operation may rebrand due to law …

The Week in Ransomware – December 15th 2023 – Ransomware Drama

December 15, 2023 at 04:21PM Summary: Over the past two weeks, there have been notable developments in the ransomware landscape. The BlackCat/ALPHV drama continues, with affiliates reaching out to victims directly. The LockBit operation is exploiting this situation for recruitment. Various ransomware attacks and law enforcement actions have also been reported. Lastly, new ransomware variants …

LockBit ransomware now poaching BlackCat, NoEscape affiliates

December 13, 2023 at 01:25PM The LockBit ransomware operation is recruiting affiliates and developers from the recently disrupted BlackCat/ALPHV and NoEscape operations. NoEscape’s exit scam has raised concerns of lost ransom payments and decryption keys for victims, while BlackCat/ALPHV suffered a disruption possibly related to law enforcement. LockBitSupp, LockBit’s manager, seeks to recruit affiliates and a …

Law Enforcement Reportedly Behind Takedown of BlackCat/Alphv Ransomware Website

December 11, 2023 at 05:54AM The BlackCat/Alphv ransomware group’s leak website has been offline for days, believed to be taken down by law enforcement. RedSense reports confirmation by BlackCat’s affiliates and other top-tier groups. The cybercriminals expect a restoration soon, with limited impact on their operation. BlackCat has been active and listed major …

ALPHV/BlackCat Takedown Appears to Be Law Enforcement Related

December 8, 2023 at 08:10PM The Dark Web leak site operated by the ransomware group ALPHV/BlackCat was taken offline on Dec. 7, possibly due to law enforcement action. RedSense Intelligence confirmed the takedown on social media, but its verification is pending. The group has targeted over 650 companies. Law enforcement is under scrutiny for not …