U.S. Justice Department dismantles BlackCat ransomware, releases free decryption tool

The United States Justice Department (DoJ) has dismantled the notorious BlackCat ransomware operation, bringing relief to the more than 500 victims who fell prey to the malicious software.

The DoJ has also taken a step further by releasing a decryption tool, enabling affected individuals to recover access to files previously locked by the pernicious malware.

This collaborative operation involved extensive support and coordination among law enforcement agencies from the United States, Germany, Denmark, Australia, the United Kingdom, Spain, Switzerland, and Austria. 

According to court documents, the U.S. Federal Bureau of Investigation (FBI) strategically engaged a confidential human source (CHS) who served as an affiliate for the BlackCat group. The CHS managed to infiltrate a web panel used by the hackers to control and manipulate their victims, essentially turning the tables on cybercriminals.

BlackCat, also known by various aliases such as ALPHV, ALPHV-ng, GOLD BLAZER, and Noberus, first surfaced in December 2021 and quickly rose to become the world's second most prolific ransomware-as-a-service variant after LockBit. 

Notably, BlackCat is distinctive for being the first ransomware strain based on the Rust programming language observed in the wild.

The impact of BlackCat has been widespread, with estimates suggesting that the ransomware has compromised over a thousand victims globally, illicitly amassing a staggering sum of nearly USD 300 million as of September 2023. 

Operating on a ransomware-as-a-service model, BlackCat combines a core group of developers with a network of affiliates. Affiliates, acting as accomplices, rent the malware payload from the developers and play a pivotal role in identifying and targeting high-value victim institutions.

One hallmark tactic that BlackCat employs is the double extortion scheme, which is used to pressure victims into paying the ransom. The hackers first exfiltrate sensitive data and only then encrypt it, so that the threat of leaking the stolen data gives them additional leverage over the targeted entities even if the victim can restore from backups.

Earlier this year, BlackCat hackers executed a successful breach, stealing over 170 GB of data from Bangladesh Krishi Bank. Shockingly, the cyber attack went undetected for a dozen days, allowing the hackers to pilfer sensitive information from the financial institution.
