Update: Notorious Ransomware Group Tussles With Law Enforcement, Regenerates After Takedown


AlphV re-emerged within hours of a law enforcement takedown of its infrastructure on Tuesday, claiming it had “unseized” its data leak site, according to threat researchers’ dark web observations.


The prolific ransomware group named a new victim organization and updated a post on a previously claimed victim since the FBI and international law enforcement agencies announced the takedown, according to Dark Web Informer.


Law enforcement agencies re-seized AlphV’s site hours after the group reappeared, and the threat group quickly set up a new site, according to Brett Callow, threat analyst at Emsisoft.

While threat groups often reorganize with new infrastructure and rebrand themselves, the abrupt materialization of new threats and posts on AlphV’s data leak site was extraordinary, according to cybersecurity experts.


“This is the first time I can recall threat actors and law enforcement wrestling for control of a site,” Callow said.


The current status and capacity of AlphV’s operations are unclear.


AlphV, also known as BlackCat, has compromised more than 1,000 entities and received nearly $300 million in ransom payments as of September, making it the second-most prolific ransomware-as-a-service group in the world, according to the FBI and the Cybersecurity and Infrastructure Security Agency.


The group, which first emerged 18 months ago, directly claimed responsibility for recent attacks against Norton Healthcare, Fidelity National Financial and Tipalti. AlphV’s affiliate Scattered Spider, which used the AlphV ransomwa ..
