Tag

Alphv

All articles tagged with #alphv

crime · 14 days ago

US Cybersecurity Experts Admit to Ransomware Crimes and Face Prison

Two cybersecurity professionals pleaded guilty to using their skills to run ransomware attacks and extort victims, including a medical device company that paid $1.2 million, with sentencing planned for March. They were involved with the ALPHV BlackCat ransomware group, known for major attacks such as the one on Change Healthcare, and face potential 20-year sentences.

cybersecurity-healthcare · 1 year ago

"Healthcare Giant UnitedHealth Group's Recovery Progress and Concerns Post-Cyberattack"

UnitedHealth Group is recovering from a major cyberattack by the hacking group ALPHV, impacting its subsidiary Change Healthcare, which processes billions of healthcare transactions annually. The attack targeted pharmacy, medical claims, and payment systems, affecting patient care and hospital operations. The company is making progress in restoring services, with electronic payments and pharmacy network services mostly restored. The Department of Health and Human Services is investigating the breach, and the American Hospital Association called it the most significant cyberattack on the U.S. healthcare system. UnitedHealth Group has paid over $2 billion to assist affected healthcare providers, and the FBI disrupted some of BlackCat's operations in December 2023.

cybersecurity · 1 year ago

"Healthcare Cyberattack: Hackers Receive $22M Bitcoin Ransom Amid Payment System Disruption"

The group behind the Change Healthcare cyberattack, ALPHV/BlackCat, received over $22 million in Bitcoin, possibly as a ransomware payment. It's suggested that the money may have been stolen from their affiliate crew. The affiliates claim to still have 4TB of sensitive data and have issued a warning about dealing with ALPHV. The cyberattack disrupted services at thousands of US pharmacies, and the situation is still under investigation.

cybersecurity · 1 year ago

"Healthcare Cyberattackers Paid $22 Million Ransom, Disrupting Providers and Pharmacies"

The hackers behind the ransomware attack on Change Healthcare, known as AlphV, have reportedly received a $22 million payment in Bitcoin, likely as a ransom from the victim. A dispute within the criminal underground revealed this development, with evidence pointing to the large transaction as proof of payment. Both Recorded Future and TRM Labs have connected the Bitcoin address to the AlphV hackers, indicating a concerning trend in ransomware attacks.

cybersecurity · 1 year ago

"Ransomware Attack Disrupts US Prescription Market and Health Providers"

A Russian-speaking ransomware syndicate known as AlphV, also called Black Cat, has caused chaos in the US prescription market by targeting the biggest health care payment processor, Optum. This has led to pharmacies, health care providers, and patients struggling to fill prescriptions for lifesaving medicines. The outage, which has lasted for nine days, highlights the devastating impact of ransomware attacks on critical infrastructure, with AlphV being a major contributor to the ransomware menace, having collected over $300 million in ransoms.

cybersecurity-healthcare · 1 year ago

"Healthcare Industry Rocked by Series of Devastating Ransomware Attacks"

A ransomware attack by the ALPHV gang has disrupted prescription processing for millions of Americans, affecting UnitedHealthcare's Change Health business unit and leading to widespread impacts on pharmacies and patients. The attack has forced some to pay exorbitant prices for medication or go without, with pharmacies struggling to process claims and facing cash-flow issues. The incident highlights the vulnerability of critical infrastructure and the ongoing threat posed by ransomware groups, despite previous law enforcement efforts to disrupt them.

cybersecurity · 2 years ago

FBI's Battle with Ransomware Gang: Seizures, Threats, and Unseizures

The FBI engaged in a back-and-forth battle with the ransomware group AlphV after seizing the group's dark-web site and disrupting its operations. The FBI released a software tool to help victims restore their systems, but AlphV claimed that the disruption would prevent data belonging to 3,000 additional victims from being decrypted. The FBI and AlphV exchanged control of the dark-web site, with each party replacing the other's notices. AlphV has now removed restrictions on affiliates, allowing them to target hospitals and critical infrastructure, except in the Commonwealth of Independent States. The ongoing struggle highlights the challenges of law enforcement in dealing with ransomware groups operating on the dark web.

cybersecurity · 2 years ago

"US Law Enforcement Thwarts BlackCat Ransomware Gang, Restores Victims' Computers"

The United States Department of Justice, along with international law enforcement agencies, conducted a takedown of infrastructure related to the ransomware gang Alphv (also known as BlackCat). However, the gang's dark-web site briefly came back online with a defiant message before law enforcement regained control. Alphv has targeted over 1,000 victims worldwide, including critical infrastructure in the US, and has been one of the most prolific ransomware-as-a-service variants, earning hundreds of millions of dollars. The takedown did not result in sanctions or indictments, highlighting the challenges of dealing with cybercriminals based in Russia. The effort involved collaboration from multiple countries, and a decryptor tool developed by the FBI has already helped over 500 victims recover from attacks and avoid paying $68 million in ransoms.

cybersecurity · 2 years ago

Global Crackdown: US Authorities Disrupt Notorious Ransomware Gangs and Provide Relief to Victims

Law enforcement agencies from multiple countries, including the FBI, have seized the dark web leak site of the notorious ransomware gang ALPHV, also known as BlackCat. The takedown operation involved agencies from the United Kingdom, Denmark, Germany, Spain, and Australia. The FBI released a decryption tool that has helped over 500 ALPHV ransomware victims restore their systems, saving them from paying approximately $68 million in ransom demands. The gang, which targeted critical infrastructure and various organizations globally, claimed to have compromised high-profile victims such as Reddit, Norton, and the U.K.'s Barts Health NHS Trust.

cybersecurity · 2 years ago

FBI and Allies Disrupt Prolific ALPHV/Blackcat Ransomware Gang, Unlock Victims' Computers

The Justice Department has launched a disruption campaign against the Blackcat ransomware group, also known as ALPHV or Noberus, which has targeted over 1,000 victims worldwide, including networks supporting critical infrastructure in the US. The FBI has developed a decryption tool that has helped over 500 affected victims restore their systems, saving them from ransom demands totaling approximately $68 million. The FBI has also gained visibility into the Blackcat ransomware group's network and seized several websites operated by the group. Multiple foreign law enforcement agencies are conducting parallel investigations into the group's activities.