Dark Web Spotlight: ALPHV/Black Cat
A new ransomware gang known as ALPHV, also known as Black Cat or Noberus, appeared in late November 2021. The ransomware is officially named ALPHV, but @MalwareHunterTeam on Twitter also refers to it as Black Cat because the favicon of its Tor negotiation sites depicts a black cat.

ALPHV uses a ransomware-as-a-service (RaaS) model and has spent time looking to recruit affiliates. The group has posted to several Russian and Sino-Russian websites since its first post in November 2021. The posts contain advertisements and presentations claiming “a new generation of ransomware,” and they brag about entirely new code and a decentralized architecture. ALPHV also takes additional steps to keep itself secure by siloing attacks, with one website per affected company and per affiliate. It offers an attractive pay percentage, with somewhere between 80-90% of the ransom going to the affiliate.

ALPHV is already being dubbed the most sophisticated ransomware of 2021. CybelAngel analysts suspect that ALPHV will become an important player in the ransomware scene as more victims are targeted.

According to Cybersecurity Ventures, businesses worldwide are attacked using ransomware roughly every 11 seconds. The security firm projects that global ransomware losses will reach $20 billion this year. Locating and securing shadow assets is critical in preventing ransomware; services like Asset Discovery and Monitoring are vital in doing so.