Latest ALPHV news

BlackCat ransomware shuts down in exit scam, blames the "feds"

The BlackCat ransomware gang is pulling an exit scam, trying to shut down and run off with affiliates' money by pretending the FBI seized their site and infrastructure.
- Ionut Ilascu
- March 05, 2024
- 10:49 AM
- 3
BlackCat ransomware turns off servers amid claim they stole $22 million ransom

The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform, of $22 million.
- Ionut Ilascu
- March 04, 2024
- 12:44 PM
- 1
Ransomware gang claims they stole 6TB of Change Healthcare data

The BlackCat/ALPHV ransomware gang has officially claimed responsibility for a cyberattack on Optum, a subsidiary of UnitedHealth Group (UHG), which led to an ongoing outage affecting the Change Healthcare platform.
- Sergiu Gatlan
- February 28, 2024
- 02:33 PM
- 0
FBI, CISA warn US hospitals of targeted BlackCat ransomware attacks

Today, the FBI, CISA, and the Department of Health and Human Services (HHS) warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks.
- Sergiu Gatlan
- February 27, 2024
- 05:26 PM
- 0
UnitedHealth subsidiary Optum hack linked to BlackCat ransomware

A cyberattack on UnitedHealth Group subsidiary Optum that led to an ongoing outage impacting the Change Healthcare payment exchange platform was linked to the BlackCat ransomware group by sources familiar with the investigation.
- Sergiu Gatlan
- February 26, 2024
- 07:13 PM
- 1
ALPHV ransomware claims loanDepot, Prudential Financial breaches

The ALPHV/Blackcat ransomware gang has claimed responsibility for the recent network breaches of Fortune 500 company Prudential Financial and mortgage lender loanDepot.
- Sergiu Gatlan
- February 16, 2024
- 06:46 PM
- 0
US offers up to $15 million for tips on ALPHV ransomware gang

The U.S. State Department is offering rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders.
- Sergiu Gatlan
- February 15, 2024
- 01:57 PM
- 0
Trans-Northern Pipelines investigating ALPHV ransomware attack claims

Trans-Northern Pipelines (TNPI) has confirmed its internal network was breached in November 2023 and that it's now investigating claims of data theft made by the ALPHV/BlackCat ransomware gang.
- Sergiu Gatlan
- February 14, 2024
- 10:24 AM
- 0
New RustDoor macOS malware impersonates Visual Studio update

A new Rust-based macOS malware spreading as a Visual Studio update to provide backdoor access to compromised systems uses infrastructure linked to the infamous ALPHV/BlackCat ransomware gang.
- Bill Toulas
- February 09, 2024
- 10:53 AM
- 1
Fidelity National Financial: Hackers stole data of 1.3 million people

Fidelity National Financial (FNF) has confirmed that a November cyberattack (claimed by the BlackCat ransomware gang) has exposed the data of 1.3 million customers.
- Bill Toulas
- January 10, 2024
- 03:32 PM
- 0
The Week in Ransomware - December 22nd 2023 - BlackCat hacked

Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action.
- Lawrence Abrams
- December 22, 2023
- 04:20 PM
- 0
FBI: ALPHV ransomware raked in $300 million from over 1,000 victims

The ALPHV/BlackCat ransomware gang has made over $300 million in ransom payments from more than 1,000 victims worldwide as of September 2023, according to the Federal Bureau of Investigation (FBI).
- Sergiu Gatlan
- December 19, 2023
- 02:32 PM
- 0
How the FBI seized BlackCat (ALPHV) ransomware’s servers

An unsealed FBI search warrant revealed how law enforcement hijacked the ALPHV/BlackCat ransomware operations websites and seized the associated URLs.
- Lawrence Abrams
- December 19, 2023
- 12:27 PM
- 0
FBI disrupts Blackcat ransomware operation, creates decryption tool

The Department of Justice announced today that the FBI successfully breached the ALPHV ransomware operation's servers to monitor their activities and obtain decryption keys.
- Lawrence Abrams
- December 19, 2023
- 09:16 AM
- 0
The Week in Ransomware - December 15th 2023 - Ransomware Drama

The big news over the past two weeks is the continued drama plaguing BlackCat/ALPHV after their infrastructure suddenly stopped working for almost five days. Multiple sources told BleepingComputer that this outage was related to a law enforcement operation, but BlackCat claims the outages were caused by a hardware/hosting issue.
- Lawrence Abrams
- December 15, 2023
- 04:18 PM
- 0
LockBit ransomware now poaching BlackCat, NoEscape affiliates

The LockBit ransomware operation is now recruiting affiliates and developers from the BlackCat/ALPHV and NoEscape after recent disruptions and exit scams.
- Lawrence Abrams
- December 13, 2023
- 01:22 PM
- 0
Norton Healthcare discloses data breach after May ransomware attack

Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents.
- Sergiu Gatlan
- December 08, 2023
- 06:28 PM
- 0
ALPHV ransomware site outage rumored to be caused by law enforcement

A law enforcement operation is rumored to be behind an outage affecting ALPHV ransomware gang's websites over the last 30 hours.
- Lawrence Abrams
- December 08, 2023
- 01:30 PM
- 0
HTC Global Services confirms cyberattack after data leaked online

IT services and business consulting company HTC Global Services has confirmed that they suffered a cyberattack after the ALPHV ransomware gang began leaking screenshots of stolen data.
- Lawrence Abrams
- December 05, 2023
- 06:54 PM
- 0
Tipalti investigates claims of data stolen in ransomware attack

Tipalti says they are investigating claims that the ALPHV ransomware gang breached its network and stole 256 GB of data, including data for Roblox and Twitch.
- Lawrence Abrams
- December 04, 2023
- 02:22 PM
- 0