THREAT ACTOR: BlackCat / ALPHV
BlackCat extorts money from targeted organizations by stealing sensitive data and threatening to release it publicly, and encrypting systems. But BlackCat goes one stage further and also threatens to launch a distributed denial-of-service (DDoS) attack if its demands are not met.
This technique is known as “triple extortion.”
BlackCat has gained traction since late 2021 by offering payouts to its affiliates of up to 90%.
Incidents Associated with this Threat
- July 22, 2022: Blackcat / ALPHV Ransomware Attack Hits Luxembourg-based Critical Infrastructure Companies
- June 12, 2022: Energy Supplier Entega’s Customer Data Posted on the Dark Web after Ultimatum Expired
- April 20, 2022: Unidentified Automotive Supplier Breached Three Times within Two Months
- February 3, 2022: Ransomware Attack at Swiss Airport Services Firm
- January 29, 2022: German Oil Tank Farm Shut Down
Malware Used by this Threat Actor
No malware identified for this threat actor.