What is BlackCat Ransomware?
BlackCat Ransomware, also known as ALPHV, is a ransomware gang that first emerged in late 2021. The group operates under a ransomware-as-a-service (RaaS) model and uses a double extortion tactic. To gain initial access to a network, the hackers rely on stolen credentials obtained through access brokers. BlackCat has been linked to both DarkSide ransomware and BlackMatter ransomware, suggesting that BlackCat is the successor or rebranding of both. BlackCat gained notoriety over the years by successfully extorting over 1,000 victims, including Reddit, Moncler, Florida Int. University, Bandai Namco, and many more.
$5 to $10 Million Reward for BlackCat Ransom Gang
On December 19, 2023, the Justice Department disrupted BlackCat operations, seized multiple ALPHV/BlackCat sites, and released a decryption tool for victims to use freely. This tool enabled over 500 victims to restore their computer systems, sparing them from ransom demands amounting to approximately $99 million.
As of February 15, 2024, the US Department of State is offering a $5 million reward for information on associates involved in BlackCat attacks that leads to their arrest or conviction. Furthermore, a $10 million reward is being offered for any leads on BlackCat leaders that result in their arrest or conviction. This reward announcement aligns seamlessly with the FBI’s announcement of collaboration with law enforcement groups in Germany, Denmark, Australia, Spain, and the UK. This reward is provided through the Department of State’s Transnational Organized Crime Rewards Program (TOCRP), aimed at bolstering global law enforcement endeavors to dismantle transnational crime and apprehend fugitives.
In more recent news, BlackCat was identified as the perpetrator behind an attack on Change Healthcare, a subsidiary technology unit of UnitedHealth, on February 21, 2024.