"New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools"

Microsoft disclosed a new variant of the BlackCat ransomware, also known as ALPHV and Noberus, which incorporates tools such as Impacket and RemCom to facilitate lateral movement and Remote Code Execution (RCE). The Impacket tool has modules for credential dumping and remote service execution that could be used for widespread deployment of the BlackCat ransomware, according to the company's threat intelligence team. This version of BlackCat also includes the RemCom hacking tool for RCE. RemCom, an open-source alternative to PsExec, has been used by Chinese and Iranian nation-state threat actors such as Dalbit and Chafer to traverse victim environments. Redmond said it first observed the new variant in BlackCat affiliate attacks in July 2023. This article continues to discuss the new version of the BlackCat ransomware.

THN reports "New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools"

Submitted by Anonymous on