ALPHVthe well-known ransomware Also known as BlackCathas made headlines again.
Despite the intervention of theFBI which seemed to have at least weakened the cybercriminals’ infrastructure, the group once again made headlines with two operations involving financial companies, namely Prudential Financial e LoanDepot.
The group of cybercriminals limited themselves to reporting their names on their site, without offering further details on the campaign that led to the data theft.
As for Prudential Financial, apparently the negotiations for the return of files have been interrupted and, shortly, the data wrongly stolen from the company will be published free of charge on the aforementioned site.
LoanDepot, another BlackCat victim, is in a very different situation.
The new BlackCat campaign demonstrates how ransomware is still very dangerous
As for the second victim of the ransomware, the cybercriminal group has revealed its intention to sell the obtained files to the highest bidder.
LoanDepot reported the data breach earlier this year, with the company admitting it had suffered what it characterized as a generic “IT incident“.
For its part, over the course of the last week, Prudential Financial presented to the Securities and Exchange Commission (SEC) of the United States a document where the event was explained in depth. The latter is one of the largest financial services companies in existence, with more than 40,000 employees all over the world.
BlackCat, along with other groups like LockBit e Cl0p, represents one of the major global threats in the context of ransomware and, more generally, cybersecurity. Much of the spread of this attack is due to its formula Ransomware-as-a-Service (RaaS).
The birth of the collective, which took place almost three years ago, is most likely the result of the merger of two previous gangs of cybercriminals, namely DarkSide e BlackMatter.