The US Federal Bureau of Investigation has reportedly taken down a website used by the BlackCat ransomware group, also known as Alphv. This may make it more difficult for hackers to extract payments from ransomware victims.
According to a screenshot that cybersecurity specialist Erik Westhovens shared on LinkedIn, the FBI worked with several agencies to seize the website. In addition to the Computer Crime and Intellectual Property department of the Ministry of Justice, European partners such as Europol and the Zentrale Kriminalinspektion Göttingen are also mentioned. Vx-underground, on the other hand, notes that there are indications that this is a further scam by the gang in question. For the time being, there is no official information available about the possible seizure of the website.
BleepingComputer confirms that BlackCat's so-called leak website has been inaccessible since Friday, followed by the negotiation sites on Monday. However, the medium does not mention who is responsible for discontinuing the pages. According to a Tox post from BlackCat, which BleepingComputer was able to view, all servers have indeed been disabled.
According to the US Department of Justice, BlackCat has already claimed more than 1,000 victims worldwide, including government agencies and emergency services. In December 2023, the FBI released a decryption tool for BlackCat ransomware that allows victims to regain access to their encrypted files. Thanks to this tool, a total of approximately $99 million in ransoms would have been avoided.
It is not clear what Alphv's plans are. It is not inconceivable that the hackers, like the LockBit ransomware group, will continue with a new website to carry out attacks. The website of LockBit, another notorious gang, was recently taken offline in a similar action.
:strip_exif()/i/2006504686.jpeg?f=imagenormal)