ALPHV was the second-most leveraged ransomware strain in North America and Europe between January 2022 and October 2023, just before the reported takedown of the group’s website, according to ZeroFox research.
The analysis found that ALPHV, aka BlackCat, accounted for around 11% of all ransomware and digital extortion (R&DE) attacks in North America over the 21-month period. This was second only to the LockBit collective.
ALPHV was also the second-most leveraged ransomware strain in Europe, accounting for 6% of all threats.
Additionally, the report found that ALPHV’s global activities increased significantly in 2023 compared to 2022, although there was a drop-off in Q3 2023.
The group’s biggest focus over the period was on organizations in North America, making up 56% of their attacks. This was followed by Europe, at 20%.
How Will ALPHV be Impacted by Rumoured Disruption?
Earlier this month (December 2023), it was reported that the ransomware-as-a-service (RaaS) gang suffered online disruption which intelligence experts have attributed to law enforcement action.
While the disruption is welcome, Daniel Curtis, Senior Intelligence Analyst at ZeroFox, emphasized that website outages are a fairly regularly occurrence for cybercrime groups, and will likely only result in a temporary suppression of the threat from its operatives.
“The extortion cartel’s blog is currently experiencing long periods of downtime, which happens from time to time in these ecosystems and is usually the result of an undisclosed law enforcement operation, inter-cartel strife, or network maintenance,” he noted.
Curtis added that in the unlikely event ALPHV affiliates are no longer able to deploy the strain, they will quickly pivot to oth ..
Support the originator by clicking the read the rest link below.
