BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration


 

This blog was made possible through contributions from Kat Metrick, Kevin Henson, Agnes Ramos-Beauchamp, Thanassis Diogos, and Diego Matos Martins.


BlackCat ransomware, which was among the top ransomware families observed by IBM Security X-Force in 2022, according to the 2023 X-Force Threat Intelligence Index, continues to wreak havoc across organizations globally this year. More recent attacks by BlackCat (a.k.a. ALPHV) ransomware affiliates have targeted organizations in the healthcare, government, education, manufacturing and hospitality sectors. Reportedly, several of these incidents resulted in the group publishing sensitive data, including financial and medical information stolen from the victim organizations, to its leak site.


Ransomware groups like BlackCat that are able to shift their tooling and tradecraft to make their operations faster and stealthier have a better chance of extending their lifespan. X-Force has observed BlackCat affiliates continue to hone their operations in order to increase the likelihood of successful impact, namely data theft and encryption. Attackers automated the data exfiltration portion of the operation using ExMatter, a custom malware capable of ‘melting’ (self-deletion). In addition, the BlackCat group recently released a new version of ..
