Two American Cybersecurity Workers Jailed for BlackCat Ransomware Attacks
The cybersecurity workers used their knowledge and skills to conduct ransomware attacks for notorious gang, rather than protect victims against them
BlackCat is a ransomware family covered through reported incidents, technical analysis, disruption efforts, and defensive guidance for security teams.
Search across headline titles and summaries.
Background for this topic.
BlackCat is a ransomware family known for its advanced encryption and modular design, enabling customization by operators. It targets enterprise environments by encrypting files and demanding cryptocurrency payments for decryption keys. BlackCat’s code supports multiple encryption algorithms and can adapt to different network architectures, increasing its effectiveness and evasion capabilities.
Security teams should monitor for signs of BlackCat’s multi-stage attacks, which often include credential compromise, lateral movement, and data exfiltration before encryption. Defenses that limit privilege escalation, enforce network segmentation, and detect unusual file access or encryption activity are critical. Understanding BlackCat’s tactics helps prioritize threat hunting and incident response efforts focused on preventing or mitigating ransomware impact in complex enterprise networks.
Weekly headline count for the current query.
The cybersecurity workers used their knowledge and skills to conduct ransomware attacks for notorious gang, rather than protect victims against them
A former ransomware negotiator has pleaded guilty to abusing his position by working with noted cybercrime group BlackCat
Truesec claims new Cicada3301 ransomware-as-a-service group could have ties to ALPHV/BlackCat and Brutus
GuidePoint has assessed with high confidence that the notorious Scattered Spider group has become an affiliate of RaaS operator RansomHub
UnitedHealth said it expects Change Healthcare’s key systems to be restored by March 18, amid reports it paid a $22m ransom to BlackCat
Speculations about the shut down range from a potential exit scam to a rebranding initiative
The US government advisory warns healthcare organizations are being targeted by BlackCat amid an ongoing cyber-incident affecting Change Healthcare
BlackCat ransomware resurfaces after FBI takedown attempt, defying law enforcement takedown
The FBI has developed a decryption key it believes will save over 500 victims around $68m
The group was second behind only LockBit in attacks targeting North America and Europe between January 2022 and October 2023
Notorious ransomware collective ALPHV/BlackCat may have been disrupted by law enforcement
The Alphv/BlackCat ransomware group has claimed responsibility for the attack
BlackCat tries unusual extortion technique
Nitrogen serves as initial-access malware, using obfuscated Python libraries for stealth
The breach exposed Seiko Watch Corporation customer, employment and personnel information
The Trend Micro report observed that small organizations are being increasingly targeted by ransomware gangs, including LockBit and BlackCat
The malware researchers' collective Vx-underground claimed that ALPHV/BlackCat was behind the attack against the casino giant
The ransomware group claimed to have downloaded 700GB of data from GSE
The BlackCat ransomware group has deployed a new binary to help with its intrusion efforts
According to Resecurity, the average ransomware payment increased by 82% since 2020