FBI Successfully Infiltrates Major Ransomware Gang 'Blackcat,' Restores Systems for Victimized Organizations

The US Department of Justice has launched a targeted campaign against the Blackcat ransomware group, also known as ALPHV or Noberus. This group has been responsible for attacking the computer networks of over 1,000 victims, including those supporting critical infrastructure in the United States.

To counter this threat, the FBI has developed a decryption tool enabling its field offices across the country and global law enforcement partners to assist more than 500 affected victims in restoring their systems. Collaborating with numerous victims both domestically and internationally, the FBI's efforts have prevented ransom demands totaling approximately $68 million.

As part of the investigation, the FBI gained visibility into the Blackcat ransomware group's network and seized multiple websites operated by the group. Deputy Attorney General Lisa O. Monaco emphasized that by disrupting the Blackcat ransomware group, the Justice Department effectively "hacked the hackers." The FBI's provision of a decryption tool allowed businesses, schools, and essential services to resume operations.

However, reports suggest that Blackcat claims to have regained control of its site, asserting that the FBI possesses decryption keys for only around 400 companies, leaving more than 3,000 victims with encrypted data. Additionally, the group reportedly removed restrictions on affiliates targeting critical infrastructure, such as hospitals and nuclear power plants.

Deputy Director Paul Abbate of the FBI emphasized the agency's unwavering commitment to bringing cybercriminals to justice and its determination to thwart ransomware campaigns targeting critical infrastructure and beyond. An unsealed warrant revealed that Blackcat actors have compromised computer networks in the US and globally.

The Blackcat ransomware group's disruptive activities have impacted various sectors, including government facilities, emergency services, defense industrial base companies, critical manufacturing, healthcare, and public health facilities, as well as other corporations, government entities, and schools. Operating on a ransomware-as-a-service model, Blackcat developers are responsible for creating, updating, and maintaining the illicit internet infrastructure supporting their operations. The FBI remains steadfast in its efforts to combat cyber threats and protect critical infrastructure from ransomware attacks.

(With Agency Inputs)
