The FBI has sent a high alert on the BlackCat ransomware-as-a-Service, as the variant have affected at least 60 entities across the world from November 2021 to March 2022Â .
The BlackCat ransomware has been also known by the name ALPHV and Noberus, the ransomware is coded in the Rust programming language that is known by the memory safe and improved the performance gradually.
The developers and money launderers of BlackCat/APLHV are connected with BlackMatter/DarkSide as they have deeper connections with the ransomware universe, said the FBI in their advisory published last week.
The update from FBI came after reports from Kaspersky and Cisco Talos revealed the connection between BlackCat ransomware and BlackMatter ransomware families, including the use of altered version of data exfiltration tool that has been already seen in BlackMattter behavior.
Rust comes with some development-based advantages. However, the hackers also take advantage of lower detection ratio from static analysis tools as per the AT&T Alien Labs mentioned earlier. BlackCat is known for theft of victim data before encryption of the files using credential stealing malware to access the target system and its data.
As per Forescout’s Vedere Labs, an internet-exposed SonicWall firewall was penetrated to gain access to the network and then was later proceeded for encryption of VMware ESXi virtual farm. The BlackCat ransomware deployment has seen first on March 17, 2022. The victims are asked not to pay the ransoms and ensure they report ransomware incidents to the law enforcement agency as and when they are aware of it.
As per the FBI advisory, organizations are requested to review their domain controllers, workstations, active directories and servers for new or unrecognized user accounts, offline backups, implement network segmentation, apply software updates, ensure MFA data security and compliance protocols.
Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, and Twitter. You can reach out to us via Twitter/ Facebook or mail us at admin@thecybersecuritytimes.com for advertising requests.
Recast Software offers a suite of tools designed to enhance and simplify endpoint management in…
Patch My PC is a widely-used solution that simplifies third-party application management by automating app…
Explore the top 5 best Microsoft Intune alternatives, comparing key features, user reviews, and capabilities…
Discover the top 7 smartphones of 2024 with best security features, offering privacy, performance, and…
Discover the top 11 log management tools for efficient system management and monitoring. Learn about…
Explore the top 5 threat intelligence tools, their features, and how they enhance cybersecurity against…