What is BlackCat Ransomware?

BlackCat Ransomware, also known as ALPHV, is a ransomware gang that first emerged in late 2021. The group operates under a RaaS model and utilizes a double extortion tactic. To gain initial access to a network, the hackers rely on stolen credentials obtained through access brokers. BlackCat has been linked to both DarkSide ransomware and BlackMatter ransomware suggesting that BlackCat is the successor or rebranding of both. BlackCat gained notoriety over the years by successfully extorting over 1,000 victims including Reddit, Moncler, Florida Int. University, Bandai Namco, and many more. 

Read more about this ransomware variant HERE.

$5 to $10 Million Reward for BlackCat Ransom Gang

December 19, 2023, the Justice Department disrupted BlackCat operations, seized multiple ALPHV/BlackCat sites, and released a decryption tool for victims to use freely. This tool enabled over 500 victims in restoring their computer systems, sparing them from ransom demands amounting to approximately $99 million.

As of February 15, 2024, the US Department of State is offering a $5 million reward for information on associates involved in BlackCat attacks that leads to their arrest or conviction. Furthermore, a $10 million reward is being offered for any leads on BlackCat leaders that result in their arrest or conviction. This reward announcement aligns seamlessly with the FBI’s announcement of collaboration with law enforcement groups in Germany, Denmark, Australia, Spain, and the UK. This reward is provided through the Department of State’s Transnational Organized Crime Rewards Program (TOCRP), aimed at bolstering global law enforcement endeavors to dismantle transnational crime and apprehend fugitives.

In more recent news, BlackCat was identified as the perpetrator behind an attack on Change Healthcare, a subsidiary technology unit of UnitedHealth on February 21, 2024.

Click HERE to learn more about Ransomware Prevention! We are available 24×7 to assist you with any of your ransomware needs.

Latest Ransomware Related Blogs

Ransomware impact on customer trust. lose-up of hands on a laptop keyboard with glowing code and digital particles floating around, giving a high-tech, programming or hacking impression.
Cloud ransomware vulnerability assessment. A hand holds a smartphone above an open laptop. On the laptop screen is a vivid red warning symbol with an exclamation mark inside a triangle, along with icons for email and settings. White arrows labeled "IN" and "OUT" point between the phone and laptop, suggesting a file upload or data transfer in progress. The scene conveys a cyberattack, security breach, or phishing warning.
Ransomware risk management framework. A professional wearing a blue shirt is interacting with a virtual, transparent interface emerging from their laptop. They use a stylus pen, suggesting precise control. Floating around their hands are various icons symbolizing technology, including cloud services, data analytics, global connectivity, finance or banking, and artificial intelligence. The image conveys the themes of digital transformation, data analysis, and secure management through technology.
Ransomware preparedness audits. A person dressed professionally is sitting at a laptop, typing on the keyboard. Around the laptop, there are virtual icons floating in the air, labeled with things such as problem-solving (a lightbulb icon), decision-making (gear icons with check and cross marks), and risk assessment (represented by a notepad icon). This image highlights a person engaged in analytical or cybersecurity-related work, emphasizing thoughtful decision-making.
Ransomware Rescue
Contact Alvaka