ALPHV Ransomware Shut Down, Exit Scam Supposed

Hackers allegedly try to pull an exit scam

On March 5, 2024, ALPHV/BlackCat ransomware claimed its shutdown, “due to the FBI takeover”. Despite the actions from law enforcement really happening to this gang before, there are quite a few signs of this being a false claim. Analysts suppose that ALPHV admins are just trying to pull an exit scam. ALPHV/BlackCat Ransomware Shuts Down… Continue reading ALPHV Ransomware Shut Down, Exit Scam Supposed

ALPHV Site Taken Down by the FBI

One of ALPHV group's sites are taken down by the FBI

On December 19, 2023, one of the ALPHV/BlackCat ransomware sites was taken down by the FBI. The typical FBI banner now decorates its main, while other sites of the cybercrime gang are still online. This event is possibly related to the 5-day downtime of all the gang’s Darknet infrastructure a week ago. ALPHV/BlackCat Ransomware Site… Continue reading ALPHV Site Taken Down by the FBI

Tipalti, Roblox and Twitch Hacked by ALPHV/BlackCat

Cybercriminals posted a preliminary listing that says about the hack of several companies, and promises to leak the info in future

On December 3, 2023, ALPHV ransomware gang claimed hacking into a fintech software provider Tipalti, Roblox and Twitch, its clients. The approach, however, appears to be unusual, as the gang created a listing that says “but we’ll extort Roblox and Twitch, two of their affected clients, individually”. Criminals promise to publish updated posts on Monday… Continue reading Tipalti, Roblox and Twitch Hacked by ALPHV/BlackCat

Henry Schein was hacked twice by BlackCat ransomware

Healthcare company Henry Schein is restoring systems after a ransomware group re-encrypted files during negotiations.

Henry Schein Global, a healthcare solutions provider, faced a persistent cybersecurity nightmare. The BlackCat/ALPHV ransomware gang is launching a second wave of attacks, claiming to have re-encrypted files after stalled negotiations. The company, headquartered in Melville, New York, is restoring systems. It happened after the cybercrime group took credit for an initial breach on October… Continue reading Henry Schein was hacked twice by BlackCat ransomware

ALPHV/BlackCat Ransomware Reports MeridianLink Hack To SEC

Ransomware operators made use of the recent law to force the victim to pay the ransom

Ransomware Gang ALPHV Takes Unprecedented Step: Files SEC Complaint Over Alleged Victim’s Undisclosed Breach. And no, this is not a joke from ChatGPT. Hackers from BlackCat/ALPHV group found yet another way to make the victim pay the ransom. ALPHV Files SEC Compliant The ALPHV/BlackCat filed a complaint with the U.S. Securities and Exchange Commission (SEC)… Continue reading ALPHV/BlackCat Ransomware Reports MeridianLink Hack To SEC

FIN8 Updated Sardonic Backdoor to Deliver Noberus Ransomware

FIN8 cybercriminals group using a new type of malware called Noberus to avoid detection.

FIN8, an infamous group of cybercriminals, has updated its backdoor malware to avoid being detected. They made improvements and prepared to release a new type of crimeware called Noberus. This threat actor has returned after inactivity, using a modified version of their Sardonic backdoor to distribute the Noberus ransomware. This is a part of their… Continue reading FIN8 Updated Sardonic Backdoor to Deliver Noberus Ransomware

Barts NHS Trust Hacked by BlackCat/ALPHV Ransomware Group

Russian cybercrime group continues to terrorize the healthcare sector.

A Russian cybercriminal gang BlackCat claims to have hacked into one of Britain’s most prominent hospital groups and threatens to release much of its sensitive data. Barts NHS Trust Attacked by ALPHV/BlackCat On June 30, Russian extortionist group BlackCat, aka ALPHV, claimed to have hacked into Barts Health NHS Trust, one of England’s most prominent… Continue reading Barts NHS Trust Hacked by BlackCat/ALPHV Ransomware Group

BlackCat Ransomware Employs Malvertising In Targeted Attacks

Advertising used to annoy you with its presence, but now it's a threat

Recently malicious actors started using malvertising to spread BlackCat ransomware. They use cloned webpages of popular freeware applications, particularly WinSCP utility. Such downloads result in an infection chain, that consists of a dropper, a backdoor, and, finally, the ransomware. Operators Distributing Ransomware Disguised as WinSCP Researchers acknowledged that BlackCat operators were using malicious ads to… Continue reading BlackCat Ransomware Employs Malvertising In Targeted Attacks

Top famous Ransomware hack groups in 2022

The problem of Ransomware hack groups will remain actual in 2023

Let’s have a look at the bad boys of this year. During 2022, the factions have been forming and forming again, but one thing is sure – they continue to exist. Despite all efforts, the problem of extortion programs continues to grow: a recent report by IS-Zscaler recorded an 80% increase in attacks by extortion… Continue reading Top famous Ransomware hack groups in 2022