Defiant BlackCat Gang Stands Up New Site, Calls for Revenge Attacks

Published : 23/11/2024   Category : security




Ransomware group tries to claw back operations following FBI disruption, and lifts a previous ban on attacks against critical infrastructure in retaliation.



BlackCat/ALPHV ransomware leaders claim they have restarted operations on the group's primary blog, despite the Department of Justice claim that it gained control of the site. Further, in retaliation for the law enforcement actions against the gang, they announced they have dropped a previous ban on cyberattacks against critical infrastructure.
BlackCat also claimed that, beyond unseizing the sites, the decryption key being offered by the FBI is outdated and from an older blog, according to a reading of the group's message from Dec. 19 by Flashpoint researchers.
It's a bold claim, but experts have their doubts about BlackCat's ability to mount such a quick comeback.
First, the data and server have indeed been seized by the FBI, and there are no takebacks, Steve Stone from Rubrik Zero Labs explains. Stone tells Dark Reading the idea of seizing and unseizing the site is being widely misunderstood in the public discourse.
"Put simply, the FBI and other law enforcement organizations have successfully seized control of a data repository and also took control of/took down the ALPHV site they used to run their ransomware-as-a-service (RaaS) operations," Stone says. "ALPHV has responded by spinning up a new server and applying their security key, which makes this the new site."
Next, the FBI will revert the new site to the old one already in their control, and the cycle continues, he predicts.
"The FBI then works to revert it to the original/seized one," Stone says. "Then ALPHV does it again, as we saw yesterday."
Meanwhile, the threat of fresh cyberattacks on critical infrastructure as a result of BlackCat's lifting of restrictions for its affiliates is very real, cybersecurity insiders warn.
"Given ALPHV's new stance, there is a real possibility of an increase in cyberattacks on critical infrastructure," says Chris Grove, director of cybersecurity strategy for Nozomi Networks. "Organizations operating critical infrastructure should be on heightened alert, as these developments could re-awaken a dormant phase in cybercriminal tactics where CI is fair play."
Ransomware is a lucrative business and BlackCat isn't likely to give it up without a fight, Grove adds.
"Although this group's operations are degraded, they might act out of desperation to maintain their image as a safe system for hackers to leverage for their criminal activities," Grove says. "In a short period of time they've been able to pull in $300 million to fund these types of operations, something they will fight for at the expense of our society's safety and peace."
