1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • BlackCat ransomware gang shuts down servers after multi-million d

    From TechnologyDaily@1337:1/100 to All on Tue Mar 5 16:00:06 2024
    BlackCat ransomware gang shuts down servers after multi-million dollar UnitedHealth payout but is this really the end?

    Date:
    Tue, 05 Mar 2024 15:53:21 +0000

    Description:
    Affiliates fear a BlackCat rugpull, but the media believe we're in for a rebrand.

    FULL STORY ======================================================================

    The notorious BlackCat ransomware operator (also known as ALPHV) has apparentlly shut down its entire infrastructure, including servers, and websites.

    The circumstances leading up to the decision are unclear, but some things point to a possible exit scam.

    Over the weekend, the group shut down its negotiation sites and posted a message on the Tox messaging platform, reading Everything is off, we decide. Later during the day, the group changed the message to GG, short for good game. Gamers usually type GG when they concede and decide to quit the game. Ransomware as a service?

    While the group gave no explanation for its sudden termination, one of its affiliates claims to know what happened. Picked up by cybersecurity researchers Recorded Future, a message was posted by someone claiming to be a longtime BlackCat affiliate, who were also responsible for the attack on Change Healthcare.

    The attack, which was reported in late February this year, forced some of Change Healthcares services offline, and even affected local pharmacies. The company merged with Optum two years ago, in a $7.8 billion deal. Following
    the ransomware attack, the affiliate criminals claim, Optum paid $22 million in bitcoin (roughly 350 BTC) for sensitive data not to be released online,
    and for the group to provide the decryption key.

    Thats when ALPHV apparently decided to pull the plug. The operators work a ransomware-as-a-service (RaaS) model, where the affiliates get a cut of the ransom payment, but so do the operators. Apparently, there is no honor among thieves, and ALPHV decided to take the entire prize for itself.

    While that certainly sounds plausible, BleepingComputer also speculates that the shutdown could be a part of a rebranding effort. BlackCat has already rebranded once in the past and was, until 2020, known as DarkSide.

    The affiliates are now stuck with 4TB of Optums critical data, including operation data that will affect all Change Healthcare and Optum clients.

    Via BleepingComputer More from TechRadar Pro Change Healthcare hit by major cyberattack US health tech giant sees website taken offline, login pages unavailable Here's a list of the best firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/blackcat-ransomware-gang-shuts-down-ser vers-after-multi-million-dollar-unitedhealth-payout-but-is-this-really-the-end


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)