"ALPHV/BlackCat Ransomware Servers Go Down"

According to security researchers at WithSecure, the ALPHV/BlackCat ransomware group’s operations seem to have halted amid allegations that it defrauded an affiliate involved in the Optum attack, which targeted the Change Healthcare platform, resulting in a loss of $22m. The researchers noted that over the weekend, negotiation sites linked to the ransomware activities were confirmed to have been shut down, indicating a possibly deliberate dismantling of the gang’s infrastructure. However, the exact motive behind this shutdown remains ambiguous, with speculation ranging from a potential exit scam to a rebranding initiative. Change Healthcare, a critical component of the US healthcare system, was the primary target of the attack recently claimed by ALPHV/BlackCat. An affiliate implicated in the assault accused the gang of excluding them and fleeing with the substantial ransom paid by Optum on March 1. The researchers noted that the history of ALPHV/BlackCat, formerly known as DarkSide, is marked by various rebrands amid notable attacks and confrontations with law enforcement agencies. Despite facing setbacks, the group has persisted, showcasing the difficulties in combating sophisticated cybercriminal enterprises.

 

Infosecurity Magazine reports: "ALPHV/BlackCat Ransomware Servers Go Down"

Submitted by Adam Ekwall on