Researchers at Recorded Future and MalwareHunterTeam have uncovered a new, highly refined ransomware called ALPHV (aka BlackCat), written in the Rust programming language.
What has happened?
ALPHV is one of the foremost experienced ransomware crews to use Rust. This dangerous threat targets Windows, Linux, and VMware ESXi systems.
- Researchers claim that the author of BlackCat ransomware was previously involved in REvil ransomware operations.
- ALPHV was found being advertised as ransomware-as-a-service (RaaS) on two cyber threat forums, Exploit and XSS.
- The threat group uses a double extortion model.
- It is looking for partners and offering a ransom cut of up to 80%–90%, based on the target value.
So far, the ransomware operations have hit a few targets in the U.S., India, and Australia. The ransom demands range from a few hundred thousand up to $3 worth of Bitcoin/Monero.
At present, the ALPHV ransomware group employs more than one leak site, with each site hosting data of only one or two victims.
- It is thought that these leak sites may be hosted by additional ALPHV affiliates, which explains the use of various leak URLs.
- The initial entry vector is unknown. The attackers concentrate on stealing sensitive files and encrypting systems.
BlackCat is the foremost ransomware to use Rust and is a powerful threat. With its double extortion capabilities, experts believe that BlackCat would be a worthy successor to DarkSide and REvil. While the group is still in its early stages of growth, given its advanced nature, companies ought to be aware of the threat and implement proper defences.
Author - Johnson Augustine
Cloud Architect, Ethical hacker
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/