Tag: Blackcat Ransomware

All articles tagged with #blackcat ransomware

cybersecurity · 1 year ago

Healthcare Cyberattacks: Ransomware Scams and Multi-Million Dollar Payments

The BlackCat ransomware gang is attempting an exit scam: it is shutting down its operation while falsely claiming that the FBI seized its infrastructure, and it is also attempting to sell its source code for $5 million. Affiliates have accused the gang of stealing a $22 million ransom payment, and law enforcement agencies have denied involvement in any disruption of the gang's infrastructure. This marks the latest in a series of rebrandings and shutdowns for the group, whose reputation has been severely damaged, potentially impacting future criminal partnerships.

cybersecurity · 1 year ago

"BlackCat Ransomware Cyberattack Causes UnitedHealth Pharmacy Outages"

A cyberattack on UnitedHealth Group's subsidiary Optum, impacting the Change Healthcare payment exchange platform, has been linked to the BlackCat ransomware group. The ongoing outage has led to widespread billing outages across the U.S. healthcare system, with Optum providing daily incident updates and assuring that its own systems have not been affected. While UnitedHealth Group suspects "nation-state" hackers, sources claim the attack is linked to BlackCat, known for over 60 breaches and $300 million in ransom payments. The U.S. State Department is offering rewards for information on the ALPHV gang leaders and individuals linked to BlackCat ransomware attacks.

cybersecurity · 1 year ago

"Ransomware Cyberattack Disrupts US Pharmacies, Blamed on 'Nation-State'"

The 'Blackcat' ransomware gang is reportedly responsible for the recent outage at UnitedHealth's technology unit, causing disruptions in prescription deliveries at pharmacies across the United States. The hackers gained access to Change Healthcare's IT systems, triggering the six-day outage. Alphabet's cybersecurity unit Mandiant is investigating the breach, while the U.S. cyber watchdog agency and the FBI have yet to respond to the incident. The outage has impacted pharmacy chains like CVS Health and Walgreens, leading to significant backlogs of prescriptions and insurance claim transmission issues.

cybersecurity · 2 years ago

FBI Disrupts BlackCat Ransomware, but Hackers Vow Revenge

The FBI has disrupted the operations of the BlackCat ransomware gang by seizing its darknet website and releasing a decryption tool for over 500 victim companies. In response, BlackCat briefly regained control of its site and announced 90% commissions for affiliates and the removal of restrictions on targeting hospitals and critical infrastructure. The group claims that an additional 3,000 victims will no longer receive decryption keys due to the FBI's actions. The DOJ is offering up to a $10 million reward for information on BlackCat affiliates.

cybersecurity · 2 years ago

Law Enforcement Strikes Back: Major Ransomware Gangs Taken Down, Victims Get Relief

The FBI has disrupted the BlackCat ransomware operation and released a decryption tool to help victims regain access to their files. The agency enlisted the help of a confidential human source to gain access to the gang's web panel. BlackCat, the second most prolific ransomware-as-a-service variant, uses a double extortion scheme and has compromised over 1,000 victims globally. The takedown has saved victims from $68 million in ransom demands and allowed the FBI to dismantle the group's TOR sites. Rival groups like LockBit are capitalizing on the situation by recruiting displaced affiliates.

cybersecurity · 2 years ago

FBI and Allies Disrupt Prolific ALPHV/Blackcat Ransomware Gang, Unlock Victims' Computers

The Justice Department has launched a disruption campaign against the Blackcat ransomware group, also known as ALPHV or Noberus, which has targeted over 1,000 victims worldwide, including networks supporting critical infrastructure in the US. The FBI has developed a decryption tool that has helped over 500 affected victims restore their systems, saving them from ransom demands totaling approximately $68 million. The FBI has also gained visibility into the Blackcat ransomware group's network and seized several websites operated by the group. Multiple foreign law enforcement agencies are conducting parallel investigations into the group's activities.

cybersecurity · 2 years ago

Beware of BlackCat Gang's Malicious WinSCP Ads Spreading Ransomware

Threat actors associated with the BlackCat ransomware are using malvertising techniques to distribute rogue installers of the WinSCP file transfer application. By hijacking keywords and displaying bogus ads on search results pages, unsuspecting users searching for WinSCP are redirected to sketchy pages where they unknowingly download malware. The malware contains a Cobalt Strike Beacon that connects to a remote server for follow-on operations, and also utilizes legitimate tools like AdFind for network discovery. The attackers gain top-level administrator privileges, conduct post-exploitation activities, and attempt to set up persistence using remote monitoring and management tools. This incident highlights the ongoing threat of ransomware and the need for robust cybersecurity measures.