Home » Breaking Computer security Cyber Security data security Intruders Latest Cybersecurity News

FBI warns of BlackCat ransomware that has breached 60 entities worldwide

William Marshal Posted On April 25, 2022
0


BlackCat ransomware

The FBI has sent a high alert on the BlackCat ransomware-as-a-Service, as the variant have affected at least 60 entities across the world from November 2021 to March 2022 .

The BlackCat ransomware has been also known by the name ALPHV and Noberus, the ransomware is coded in the Rust programming language that is known by the memory safe and improved the performance gradually.

Relation between BlackMatter and BlackCat ransomware

The developers and money launderers of BlackCat/APLHV are connected with BlackMatter/DarkSide as they have deeper connections with the ransomware universe, said the FBI in their advisory published last week.

The update from FBI came after reports from Kaspersky and Cisco Talos revealed the connection between BlackCat ransomware and BlackMatter ransomware families, including the use of altered version of data exfiltration tool that has been already seen in BlackMattter behavior.

Key highlights on BlackCat ransomware and its modus operandi

Rust comes with some development-based advantages. However, the hackers also take advantage of lower detection ratio from static analysis tools as per the AT&T Alien Labs mentioned earlier. BlackCat is known for theft of victim data before encryption of the files using credential stealing malware to access the target system and its data.

As per Forescout’s Vedere Labs, an internet-exposed SonicWall firewall was penetrated to gain access to the network and then was later proceeded for encryption of VMware ESXi virtual farm. The BlackCat ransomware deployment has seen first on March 17, 2022. The victims are asked not to pay the ransoms and ensure they report ransomware incidents to the law enforcement agency as and when they are aware of it.

As per the FBI advisory, organizations are requested to review their domain controllers, workstations, active directories and servers for new or unrecognized user accounts, offline backups, implement network segmentation, apply software updates, ensure MFA data security and compliance protocols.

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, and Twitter. You can reach out to us via Twitter/ Facebook or mail us at admin@thecybersecuritytimes.com for advertising requests.

Share the article with your friends




Author

William Marshal

William has been one of the key contributors to 'The Cybersecurity Times' with 9.5 years of experience in the cybersecurity journalism. Apart from writing, he also like hiking, skating and coding.

You may also like
Best Microsoft Intune Alternatives: Top 5 MDMs to Consider
November 4, 2024
Top 7 Best Smartphones with Best Security Features in 2024
October 13, 2024
Top 11 Log Management Tools for Efficient System Management
September 20, 2024
Leave A Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.