Summary
Last Updated: 2022-06-07 20:36
Is a ransomware variant and ransomware extortion group that first emerged around November 2021. The group operates under a Ransomware-as-a-Service (RaaS) model, where the original ransomware product is sold to affiliates in illicit underground hacking communities such as XSS and Exploit. (Overtoperator)
The threat actors leveraging BlackCat, often referred to as the 'BlackCat gang,' utilize numerous tactics that are becoming increasingly commonplace in the ransomware space. Notably, they use multiple extortion techniques in some cases, including the siphoning of victim data before ransomware deployment, threats to release data if the ransom is not paid and distributed denial-of-service (DDoS) attacks. (ETDA)
18st November
First suspicious network activity had been observed on 3rd November
Financial gains
Emsisoft has suggested that there may have been a total of 776 Alphv incidents since the ransomware's inception and pointed out that the group has also published on its leak site the stolen data of at least 40 organizations. (2022-04)
Country | Sector | Date |
|---|---|---|
Romania | Heavy industries | 23 January 2022 |
UK | Financial organizations | 18 January 2022 |
Italy | Retail | 17 January 2022 |
United States of America | Construction | 17 January 2022 |
United States of America | Financial organizations | 16 January 2022 |
China | Heavy industries | 16 January 2022 |
United States of America | Heavy industries | 16 January 2022 |
Bahamas | Local administrations | 07 January 2022 |
United States of America | Food and drinks businesses | 01 January 2022 |
Netherlands | Insurance services | 01 January 2022 |
Germany | Technologies | 01 January 2022 |
United States of America | Information technologies consulting | 31 December 2021 |
United States of America | Financial organizations | 29 December 2021 |
United States of America | Information technologies consulting | 29 December 2021 |
Australia | Manufacturing | 29 December 2021 |
United States of America | Technologies | 29 December 2021 |
Canada | Energy | 29 December 2021 |
France | Transportation Services | 27 December 2021 |
Puerto Rico | Food and drinks businesses | 24 December 2021 |
Spain | Pharmacy and drugs manufacturing | 25 December 2021 |
United States of America | Technologies | 22 December 2021 |
France | Information technologies consulting | 19 December 2021 |
Germany | Transportation Services | 19 December 2021 |
Unknown | Unknown | 17 December 2021 |
Philippines | Retail | 14 December 2021 |
United States of America | Mining | 10 December 2021 |
United States of America | Engineering consulting | 08 December 2021 |
- For ransom payments up to USD 1.5 million, affiliates earn 80% of the final ransom.
- For ransom payments up to USD 3 million, affiliates earn 85% of the final ransom.
- For ransom payments above USD 3 million, affiliates earn 90% of the final ransom.
Last modified 9mo ago