0

BlackCat Ransomware becomes more lethal

The BlackCat ransomware, also known as ALPHV, is a prevalent threat and a prime example of the growing ransomware-as-a-service (RaaS) gig economy.
security
BugBase
July 16th 2022.

BlackCat Ransomware

The BlackCat ransomware, also known as ALPHV, is a prevalent threat and a prime example of the growing ransomware-as-a-service (RaaS) gig economy. The unusual programming language (Rust), the variety of target devices and potential entry points, and its association with active threat action organisations make it unique . The goal data is encrypted, exfiltrated, and used for “double extortion,” where attackers threaten to reveal the stolen material to the public if the ransom is not paid. However, BlackCat’s arrival and execution differ according to the actors employing it.

BlackCat was one of the first ransomware families created in the Rust programming language, and it was first noticed in November 2021. This ransomware makes an effort to avoid detection by employing a current language as its payload, especially by traditional security solutions that may still be catching up in their capacity to analyse and parse binaries generated in such language. BlackCat has the ability to target a variety of hardware and OSes.

RECENT ACTIVITY

The ALPHV/BlackCat ransomware organisation revealed last week that they had assembled a searchable database of information from victims who refused to pay the ransom. The hackers made it evident that the repositories had been indexed and that searching for material by filename or content found in documents and photographs was effective.

The accuracy of the data, which are taken from the “Collections” section of BlackCat’s leak site, may not be the finest. However, they nevertheless represent an advancement in the extortion tactics of online criminals.

The developers of the BlackCat ransomware assert that they do this to make it simpler for other thieves to locate passwords or private information about businesses. When they built a searchable website using information allegedly taken in an attack on an Oregon hotel and spa in the middle of June, the gang already gave this tactic a go. The website allowed staff and visitors to the spa facilities to determine whether their personal data had been taken during the ransomware assault.

This is a step forward in the extortion business as it puts pressure on the victim to pay the ransom and have the data removed from the web and avoid the potential risk of class action lawsuits.

HOW TO PROTECT AGAINST BLACKCAT RANSOMWARE

Making secure offsite backups.
Running up-to-date security solutions and ensuring that your computers are protected with the latest security patches against vulnerabilities.
Using hard-to-crack unique passwords to protect sensitive data and accounts, as well as enabling multi-factor authentication.
Encrypting sensitive data wherever possible.
Educating and informing staff about the risks and methods used by cybercriminals to launch attacks and steal data.
What is BugBase?
BugBase is a curated marketplace for ethical hackers that helps businesses and startups set up bug bounty programs. It is India’s first consolidated bug bounty platform, which assists organizations in staying safe by providing an all-in-one platform for continuous and comprehensive security testing.

Through BugBase registering and setting up your organisation’s bug bounty program is no less than a breeze. We also provide hackers and security professionals with the platform to directly get connected with organizations that have set up their bug bounty programs and get rewarded for the risks and vulnerabilities they find.

Thank you for being part of our BugFam! Stay up to date on our latest posts and hope you had a great week!

Join our discord community for regular updates and much more fun!!

Cheers,

BugBase Team

Let's take your security
to the next level

security