
ALPHV/BlackCat Ransomware Servers Experience Outage


The recent halt in operations of the ALPHV/BlackCat ransomware group has raised suspicions that the group defrauded an affiliate involved in the Optum attack. This attack targeted the Change Healthcare platform and resulted in a substantial loss of $22 million.

The shutdown of negotiation sites linked to the ransomware activities over the weekend suggests a deliberate dismantling of the gang’s infrastructure. However, the exact reason behind this shutdown remains unclear, leading to speculation ranging from a potential exit scam to a rebranding effort.

Change Healthcare, a crucial component of the US healthcare system, was the main target of the attack claimed by ALPHV/BlackCat. An affiliate linked to the assault has accused the gang of excluding them and taking off with a significant ransom paid by Optum on March 1.

Stephen Robinson, a senior threat intelligence analyst at WithSecure, commented on the situation, stating that the claim regarding the affiliate payment is interesting but may not be entirely trustworthy. He highlighted the importance of trust between affiliates and the core group in a Ransomware-as-a-Service operation, making it unusual for payment to be withheld or stolen. Robinson also emphasized the efforts made by cybercriminals to evade law enforcement and avoid attacks that draw international attention.

Ariel Parnes, the COO of Mitiga, pointed out that this incident showcases the complexity of RaaS operations and the need for government defenses against them. He highlighted the resilience of cybercrime groups and the importance of a multidimensional, international approach to combatting cyber threats. Parnes suggested integrating offensive cyber countermeasures with traditional national power tools to create a collective defense mechanism.

The history of the ALPHV/BlackCat group, previously known as DarkSide, has been marked by rebrands, notable attacks, and clashes with law enforcement agencies. Despite facing setbacks, the group has persisted, underscoring the challenges of combating sophisticated cybercriminal organizations.

Overall, the halt in ALPHV/BlackCat’s operations amidst allegations of defrauding an affiliate in the Optum attack raises questions about the integrity of ransomware groups and the ongoing battle against cyber threats. The incident serves as a reminder of the evolving nature of cybercrime and the need for a unified, strategic approach to cybersecurity at both national and international levels.
