"ALPHV Ransomware Adds Data Leak API in New Extortion Strategy"

The ALPHV ransomware group, also known as BlackCat, is attempting to increase the pressure on their victims to pay a ransom by providing an Application Programming Interface (API) for their leak site in order to increase the visibility of their attacks. This action follows the recent breach of Estée Lauder, which resulted in the beauty company disregarding the threat actor's attempts to negotiate a ransom payment. Multiple researchers recently observed that the ALPHV/BlackCat data leak site added a new page with instructions on how to use their API to get timely updates about new victims. The malware research group VX-Underground warned of the new section on the gang's site. However, the "feature" appears to have been partially available to a limited audience for months. The ransomware group published API calls that could be used to fetch information about new victims added to their leak site or updates starting on a specific date. This article continues to discuss the ALPHV/BlackCat ransomware gang providing an API for their leak site to increase visibility for their attacks.

Bleeping Computer reports "ALPHV Ransomware Adds Data Leak API in New Extortion Strategy"