Ransomware Group Launches Search Site for Stolen Data

ALPHV BlackCat is a RaaS, therefore the ALPHV BlackCat operators recruit affiliates to perform corporate breaches and encrypt devices. ALPHV ransomware executable is written in Rust, a programming language that, while not often used by malware creators, is gaining popularity because of its high efficiency and memory safety.

Ransomware-as-a-Service is an illicit ‘parent-affiliate(s)’ business infrastructure, in which operators (i.e., malicious software owner and/or developer) provision tools to affiliates (i.e., customers) for the purpose of carrying out ransomware attacks.

What Happened?

The ALPHV ransomware gang, also known as BlackCat has created a dedicated website that allows the customers and employees of their victims to check if their data was stolen in an attack.

As you might know, when ransomware gangs carry out attacks, they steal confidential business information, and once the threat actor has collected everything of value, they will begin to encrypt the devices.

After being stolen, the information is then used in double-extortion schemes, in which the hackers demand a ransom payment in order to give a decryptor and prevent the public release of company data.

Ransomware gangs will construct data leak sites on which they will gradually expose pieces of the stolen material or will contact customers and workers telling

Read More: https://heimdalsecurity.com/blog/ransomware-group-launches-search-site-for-stolen-data/