BlackCat ransomware Archives - Security Affairs

Pierluigi Paganini September 13, 2024

Lehigh Valley Health Network hospital network has agreed to a $65 million settlement after data breach

Lehigh Valley Health Network ’s (LVHN) hospital network has agreed to a $65 million settlement in a class action lawsuit related to a data breach. Lehigh Valley Health Network (LVHN) is a large hospital and healthcare system based in Pennsylvania, USA. It operates numerous hospitals, health centers, and outpatient facilities across the region, including the […]

Pierluigi Paganini February 27, 2024

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

A BlackCat ransomware attack hit UnitedHealth Group subsidiary Optum causing an outage impacting the Change Healthcare payment exchange platform. A ransomware attack hit the UnitedHealth Group subsidiary Optum leading to an outage impacting the Change Healthcare payment exchange platform. Optum Solutions is a subsidiary of UnitedHealth Group, a leading health insurance company in the United States. Optum Solutions […]

Pierluigi Paganini February 10, 2024

macOS Backdoor RustDoor likely linked to Alphv/BlackCat ransomware operations

Bitdefender Researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubbed RustDoor, which appears to be linked to ransomware operations Black Basta and Alphv/BlackCat. RustDoor is written in Rust language and supports multiple features. The malware impersonates a Visual Studio […]

Pierluigi Paganini October 26, 2023

Seiko confirmed a data breach after BlackCat attack

Japanese watchmaker Seiko revealed that the attack that suffered earlier this year was carried out by the Black Cat ransomware gang. On August 10, 2023, the Japanese maker of watches Seiko disclosed a data breach following a cyber attack. “Seiko Group Corporation (hereinafter referred to as “the Company” or “we”) has confirmed that on July […]

Pierluigi Paganini July 20, 2023

ALPHV/BlackCat and Clop gangs claim to have hacked cosmetics giant Estée Lauder

The American cosmetics giant company Estée Lauder was hacked by two distinct ransomware groups, the ALPHV/BlackCat and Clop gangs. Yesterday the cybersecurity expert @sonoclaudio first alerted me about a strange circumstance, two ransomware actors, ALPHV/BlackCat and Clop, claim to have hacked the cosmetics giant company Estée Lauder and added the company to their Tor leak […]

Pierluigi Paganini July 18, 2023

FIN8 Group spotted delivering the BlackCat Ransomware

The cybercrime group FIN8 is using a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware. The financially motivated group FIN8 (aka Syssphinx) was spotted using a revamped version of a backdoor tracked as Sardonic to deliver the BlackCat ransomware (aka Noberus ransomware). Sardonic is a sophisticated backdoor that supports a wide range of features that was designed […]

Pierluigi Paganini June 01, 2023

BlackCat claims the hack of the Casepoint legal technology platform used by US agencies

The BlackCat ransomware gang claims to have hacked the Casepoint legal technology platform used US agencies, including SEC and FBI. The cybersecurity researcher Dominic Alvieri first noticed that the BlackCat ransomware gang added the company Casepoint to the list of victims on its Tor Dark Web site. Casepoint provides a leading legal discovery platform used by […]

Pierluigi Paganini May 23, 2023

BlackCat Ransomware affiliate uses signed kernel driver to evade detection

Experts spotted the ALPHV/BlackCat ransomware group using signed malicious Windows kernel drivers to evade detection. Trend Micro researchers shared details about ALPHV/BlackCat ransomware incident that took place on February 2023. A BlackCat affiliate employed signed malicious Windows kernel drivers to evade detection. Experts believe the driver is a new version of the malware reported in December 2022 […]

Pierluigi Paganini January 27, 2023

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” The BlackCat Ransomware gang added SOLAR INDUSTRIES INDIA to the list of victims published on its Tor leak site. The company is a globally recognised industrial explosives manufacturer, it provides complete blasting solutions, including packaged, […]

Pierluigi Paganini July 11, 2022

BlackCat (aka ALPHV) Ransomware is Increasing Stakes up to $2,5M in Demands

BlackCat (aka ALPHV) Ransomware gang introduced an advanced search by stolen victim’s passwords, and confidential documents. The notorious cybercriminal syndicate BlackCat competes with Conti and Lockbit 3.0. They introduced an advanced search by stolen victim’s passwords, and confidential documents leaked in the TOR network Resecurity (USA), a Los Angeles-based cybersecurity company protecting Fortune 500 companies, […]