BlackCat Ransomware Raises Ante After FBI Disruption | Krebs on Security | Makemetechie.com Summary
News Summary
- Not long after the FBI’s seizure notice went live the homepage was “unseized” and retrofitted with a statement about the incident from the ransomware group’s perspective. The message that was briefly on the homepage of the BlackCat ransomware group this morning.
- BlackCat attacks usually involve encryption and theft of data; if victims refuse to pay a ransom, the attackers typically publish the stolen data on a BlackCat-linked darknet site. BlackCat formed by recruiting operators from several competing or disbanded ransomware organizations — including REvil, BlackMatter and DarkSide.
- The latter group was responsible for the Colonial Pipeline attack in May 2021 that caused nationwide fuel shortages and price spikes. Like many other ransomware operations, BlackCat operates under the “ransomware-as-a-service” model, where teams of developers maintain and update the ransomware code, as well as all of its supporting infrastructure.
- You can now block hospitals, nuclear power plants, anything, anywhere.” The crime group also said it was setting affiliate commissions at 90 percent, presumably to attract interest from potential affiliates who might otherwise be spooked by the FBI’s recent infiltration.
- Affiliates are incentivized to attack high-value targets because they generally reap 60-80 percent of any payouts, with the remainder going to the crooks running the ransomware operation. BlackCat was able to briefly regain control over their darknet server today.
- BlackCat also promised that all “advertisers” under this new scheme would manage their affiliate accounts from data centers that are completely isolated from each other. BlackCat’s darknet site currently displays the FBI seizure notice.
The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world's second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI …