BlackCat malware lashes out at US defense IT contractor • The Register
In Brief The BlackCat ransomware gang, also known as ALPHV, has allegedly broken into IT firm NJVC, a provider of services to civilian US government agencies and the Department of Defense.
DarkFeed, which monitors the dark web for ransomware intelligence, tweeted this week that BlackCat had added NJVC to its victims’ list, and shared a screenshot, allegedly of ALPHV’s blog, notifying NJVC that it had stolen data during its intrusion.
“We strongly recommend that you contact us to discuss your situation. Otherwise, the confidential data in our possession will be released in stages every 12 hours. There is a lot of material,” ALPHV said, per the screenshot.
Interestingly enough, ALPHV’s website went offline shortly after providing proof of the security breach, according to a tweet from malware watchers VX-Underground.
According to other sources, BlackCat’s website has since come back online, with NJVC’s entry conspicuously absent. Maybe someone realized publishing US Department of Defense data was a bad long-term career move? Or some agreement was reached.
BlackCat, which is also the name of the group’s signature malware coded in Rust, has apparently attacked 60 organizations around the globe since first appearing on the scene in late 2021. BlackCat, the ransomware, has been a prevalent part of the ransomware-as-a-service economy in its year of operation, Microsoft said, due to the choice of programming language.
“By using a modern language for its payload, this ransomware attempts to evade detection, especially by conventional security solutions,” Microsoft said. BlackCat has been seen targeting Windows, Linux, and VMware installations, Redmond said.
US Cold War spies hid Russian bugs where?
A stack of 1980s KGB documents obtained by a US journalist provides an interesting window into spy technology during the peak of the…