Happy New Year to one and all… well, except perhaps to the targets of this story. Just prior to the new year, the #darknet website for the AlphV/Blackcat #ransomware gang was replaced by a splash page indicating that it had been seized by the Federal Bureau of Investigation (FBI).
Following this seizure, the U.S. Department of Justice announced that it had obtained the public/private keys controlling the criminal gang’s website and related infrastructure. According to the Cybersecurity and Infrastructure Security Agency, this gang victimized over 1,000 entities (75% of whom were in the U.S.), demanded over $500 million in ransom payments, and received nearly $300 million in extortion proceeds.
This criminal gang victimized some very recognizable companies in the healthcare, financial services, and manufacturing sectors. It also reported one of its victims to the U.S. Securities and Exchange Commission in an attempt to apply leverage to obtain an extortion payment.
Kudos to the international #lawenforcement effort on this victory. In addition to the Federal Bureau of Investigation (FBI) and U.S. Department of Justice, the U.S. Secret Service was also involved. So too were Europol, the German Federal Criminal Police Office, the national police forces of Australia, Spain, Estonia, and Austria, as well as the U.K.’s National Crime Agency (NCA).
#cybercrime #ransomwareattacks #AisA #justice #karma #digitalforensics #investigation #forensicinvestigation #DFIR #incidentresponse