Security News > 2022 > April > FBI: BlackCat ransomware breached at least 60 entities worldwide
The Federal Bureau of Investigation says the Black Cat ransomware gang, also known as ALPHV, has breached the networks of at least 60 organizations worldwide between November 2021 and March 2022.
The flash alert is part of a series of similar reports highlighting the tactics, techniques, and procedures used by and indicators of compromise linked to ransomware variants identified during FBI investigations.
Since the start of the year, the FBI has issued other alerts underlining how ransomware gangs, including BlackByte, Ragnar Locker, and Avoslocker, are targeting and have already breached dozens of US critical infrastructure organizations.
A representative of the LockBit ransomware gang was first to expose the BlackCat / BlackMatter link one month after BlackCat ransomware's November 2021 launch.
In the Wednesday flash alert, the FBI also asked admins who detect BlackCat activity to share any related info with their local FBI Cyber Squad. Helpful information that would help track down and identify the threat actors behind this ransomware group includes "IP logs showing callbacks from foreign IP addresses, Bitcoin or Monero addresses and transaction IDs, communications with the threat actors, the decryptor file, and/or a benign sample of an encrypted file."
The FBI also shared mitigation measures to help network defenders block such attacks and strongly urged all BlackCat victims to report such incidents to their local FBI field office.