In a landmark operation, the U.S. Justice Department has disrupted the BlackCat ransomware group, also known as ALPHV or Noberus. This ransomware variant, which has emerged as one of the most prolific in the world, has targeted over 1,000 networks globally, including critical U.S. infrastructure.
The FBI developed a decryption tool and distributed it to more than 500 affected victims worldwide. This action saved victims from ransom demands totaling approximately $68 million, significantly reducing the group's financial impact.
BlackCat operates on a ransomware-as-a-service model and is notorious for its multiple extortion tactics. Affiliates exfiltrate sensitive data before encrypting victim systems, which intensifies the pressure to pay the ransom. Failure to pay often leads to public disclosure of the stolen data on dark web leak sites.
The operation's success highlights the FBI's commitment to combating cybercrime, with Deputy Director Paul Abbate emphasizing the agency's dedication to bringing cybercriminals to justice and providing assistance to victims. Acting Assistant Attorney General Nicole M. Argentieri reiterated this stance, promising continued efforts to dismantle cybercrime ecosystems.
The Justice Department urges any BlackCat ransomware victims to contact their local FBI office for assistance and information. The FBI has also released technical details about the malware, aiming to aid organizations in mitigating its effects.
This decisive action against BlackCat ransomware marks a significant stride in the fight against global cybercrime, showcasing the effectiveness of law enforcement in disrupting sophisticated cyber threats.
REFERENCE
- https://www.justice.gov/opa/pr/justice-department-disrupts-prolific-alphvblackcat-ransomware-variant
- https://thehackernews.com/2023/12/fbi-takes-down-blackcat-ransomware.html?m=1