Links

Summary

Last Updated: 2022-06-07 20:36

Description

Is a ransomware variant and ransomware extortion group that first emerged around November 2021. The group operates under a Ransomware-as-a-Service (RaaS) model, where the original ransomware product is sold to affiliates in illicit underground hacking communities such as XSS and Exploit. (Overtoperator)
The threat actors leveraging BlackCat, often referred to as the 'BlackCat gang,' utilize numerous tactics that are becoming increasingly commonplace in the ransomware space. Notably, they use multiple extortion techniques in some cases, including the siphoning of victim data before ransomware deployment, threats to release data if the ransom is not paid and distributed denial-of-service (DDoS) attacks. (ETDA)

First Seen

18st November
First suspicious network activity had been observed on 3rd November

Motivation

Financial gains

Victims

Emsisoft has suggested that there may have been a total of 776 Alphv incidents since the ransomware's inception and pointed out that the group has also published on its leak site the stolen data of at least 40 organizations. (2022-04)
Country
Sector
Date
Romania
Heavy industries
23 January 2022
UK
Financial organizations
18 January 2022
Italy
Retail
17 January 2022
United States of America
Construction
17 January 2022
United States of America
Financial organizations
16 January 2022
China
Heavy industries
16 January 2022
United States of America
Heavy industries
16 January 2022
Bahamas
Local administrations
07 January 2022
United States of America
Food and drinks businesses
01 January 2022
Netherlands
Insurance services
01 January 2022
Germany
Technologies
01 January 2022
United States of America
Information technologies consulting
31 December 2021
United States of America
Financial organizations
29 December 2021
United States of America
Information technologies consulting
29 December 2021
Australia
Manufacturing
29 December 2021
United States of America
Technologies
29 December 2021
Canada
Energy
29 December 2021
France
Transportation Services
27 December 2021
Puerto Rico
Food and drinks businesses
24 December 2021
Spain
Pharmacy and drugs manufacturing
25 December 2021
United States of America
Technologies
22 December 2021
France
Information technologies consulting
19 December 2021
Germany
Transportation Services
19 December 2021
Unknown
Unknown
17 December 2021
Philippines
Retail
14 December 2021
United States of America
Mining
10 December 2021
United States of America
Engineering consulting
08 December 2021

RaaS Tax

  • For ransom payments up to USD 1.5 million, affiliates earn 80% of the final ransom.
  • For ransom payments up to USD 3 million, affiliates earn 85% of the final ransom.
  • For ransom payments above USD 3 million, affiliates earn 90% of the final ransom.
Last modified 5mo ago