Last Updated: 2022-06-07 20:36
BlackCat is a ransomware variant and ransomware extortion group that first emerged around November 2021. The group operates under a Ransomware-as-a-Service (RaaS) model, in which the original ransomware product is sold to affiliates in illicit underground hacking communities such as XSS and Exploit. (Overtoperator)
The threat actors leveraging BlackCat, often referred to as the 'BlackCat gang,' utilize numerous tactics that are becoming increasingly commonplace in the ransomware space. Notably, they use multiple extortion techniques in some cases, including the siphoning of victim data before ransomware deployment, threats to release data if the ransom is not paid, and distributed denial-of-service (DDoS) attacks. (ETDA)
The first suspicious network activity was observed on 3rd November.
Emsisoft has suggested that there may have been a total of 776 Alphv incidents since the ransomware's inception and pointed out that the group has also published on its leak site the stolen data of at least 40 organizations. (2022-04)
- For ransom payments up to USD 1.5 million, affiliates earn 80% of the final ransom.
- For ransom payments up to USD 3 million, affiliates earn 85% of the final ransom.
- For ransom payments above USD 3 million, affiliates earn 90% of the final ransom.