Ransomware

BlackCat/ALPHV

First seen: 2021-11 • Status: disrupted

Disrupted by Law Enforcement

BlackCat was a dangerous ransomware gang that finally collapsed in 2024 after stealing from their own affiliates.

Overview

BlackCat/ALPHV was a sophisticated ransomware written in Rust. The FBI disrupted operations in late 2023, but they continued until exit-scamming in 2024.

Also Known As

ALPHV, Noberus

How It Spreads

  • Affiliates
  • Initial access brokers
  • Scattered Spider partnership

What It Does

  • File encryption
  • Triple extortion
  • Searchable leak site

Is your business exposed?

Target Platforms

Windows, Linux, VMware ESXi

Detection Tips

  • Monitor for Rust-based ransomware
  • Watch for BlackCat indicators

MITRE ATT&CK Techniques

T1486, T1567

If You're Infected

  1. 1.

    FBI decryptor may be available

  2. 2.

    Engage incident response

Related Malware

Lockbit 3, Black Basta

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices