Known by many names, including ALPHV, AlphaV, ALPHVM, and Noberus, BlackCat ransomware made headlines for its successive attacks on high-profile targets. Like Black Basta and Lockbit, it also operates under the Ransomware-as-a-Service (RaaS) model and uses double and sometimes triple extortion techniques.
BlackCat uses its public leak site to intimidate victims, where anyone can search and access the leaked victim information easily. The highest ransom they have demanded so far is $14 million and it’s speculated that it has similarities with ransomware families like Darkside, Blackmatter, and REvil in regard to the tools, filenames, and techniques they use. To read more about means of protecting your organisation against Black Cat, read our blog on the link below.
https://www.logpoint.com/en/blog/hunting-and-remediating-blackcat-ransomware/#detecting-blackcat