"CISA, FBI Warn of Continued BlackCat Ransomware Activity"

The Federal Bureau of Investigation (FBI) and international law enforcement agencies disrupted some of the BlackCat ransomware group's operations two months ago, but elements of the group remain active, primarily targeting healthcare organizations. The FBI, the Department of Health and Human Services (HHS), and the Cybersecurity and Infrastructure Security Agency (CISA) released a new advisory on the group's activities, warning that BlackCat, also known as ALPHV, continues to operate despite law enforcement disruption and the release of a decryption tool for victims. The disruption allowed law enforcement to access the control panel used by the group's affiliates and collect about 1,000 public/private Tor key pairs used by the affiliates for leak sites, victim sites, and other sites. However, the disruption did not fully stop BlackCat's operations, as the administrator of the ransomware directed affiliates to target healthcare organizations shortly after the law enforcement action. This article continues to discuss the continuation of BlackCat ransomware activity.

Decipher reports "CISA, FBI Warn of Continued BlackCat Ransomware Activity"

Submitted by grigby1