"ALPHV Ransomware Gang Creates Searchable Database With Victim Data"

Known as BlackCat and Noberus, ALPHV emerged in November 2021 as the first ransomware family coded using the Rust programming language. To date, the ALPHV cybergang has compromised more than 100 organizations. Security researchers at Resecurity discovered that the group recently introduced a searchable database storing data stolen from victims and containing more than 100,000 documents. In a July 10 dark web forum post, the ALPHV cybergang announced that the database includes “documents (IDs, DL, SSN), access credentials, passwords, confidential information by company name,” and other information that employees and customers can search for. The search can be performed by name of the file/folders, but also content (of the file), including images. The researchers noted that the tool will find text recognized on the image, including in the body of the PDF document. According to Resecurity, the average ransom payment reached $570,000 in the first half of 2021 and almost doubled by 2022. Despite guidance not to pay, roughly half of the victims do pay to recover their data.

SecurityWeek reports: "ALPHV Ransomware Gang Creates Searchable Database With Victim Data"