BlackCat / ALPHV
Threat Actor
BlackCat extorts money from targeted organizations by encrypting their systems, stealing sensitive data, and threatening to release that data publicly. BlackCat also goes one stage further and threatens to launch a distributed denial-of-service (DDoS) attack if its demands are not met.
This technique is known as “triple extortion.”
BlackCat has gained traction since late 2021 by offering its affiliates payouts of up to 90%.
Incidents Associated with this Threat
- July 23, 2023: Tempur Sealy International Suffers Cyberattack
- July 18, 2023: Cosmetics Giant Estée Lauder Suffers Breach
- May 9, 2023: Widespread Disruption at Norton Healthcare Operations after Ransomware Attack
- April 13, 2023: Ransomware Attack at NCR
- April 3, 2023: Ransomware Attack at Constellation Software; ALPHV Steals over 1TB Data
- February 9, 2023: Ransomware Attack Halts Operations at Ziegler Fire Engine Manufacturer
- January 8, 2023: BlackCat Ransomware Attack at Lehigh Valley Health Network
- December 11, 2022: Production Outage after Massive Ransomware Attack at Italian Fruttagel
- December 8, 2022: Disney Toy Maker Extorted by Two Ransomware Gangs
- September 8, 2022: Cyberattack Paralyzes Operations at Suffolk County Offices in NY
- August 29, 2022: GSE, Italy’s Energy Services Firm, Temporarily Takes Portals Offline
- August 23, 2022: Global Airline Technology Provider Accelya Hacked by AlphV/Black Cat
- July 22, 2022: BlackCat / ALPHV Ransomware Attack Hits Luxembourg-based Critical Infrastructure Companies
- June 12, 2022: Energy Supplier Entega’s Customer Data Posted on the Dark Web after Ultimatum Expired
- May 31, 2022: AlphV Ransomware Gang Attacks Canadian Defense Contractor
- April 20, 2022: Unidentified Automotive Supplier Breached Three Times within Two Months
- February 3, 2022: Ransomware Attack at Swiss Airport Services Firm
- January 29, 2022: German Oil Tank Farm Shut Down
Malware Used by this Threat Actor
No malware identified for this threat actor.