BlackCat Ransomware Attackers Spotted Fine-Tuning Their Malware Arsenal
2022-09-26 10:33

The BlackCat ransomware crew has been spotted fine-tuning their malware arsenal to fly under the radar and expand their reach.

BlackCat, also known as ALPHV, is also one of the first ransomware strains to be programmed in Rust, a trend that other families such as Hive and Luna have adopted in recent months to develop and distribute cross-platform malware.

The latest refinements concern Exmatter, a data exfiltration tool used by BlackCat in its ransomware attacks.

BlackCat has also recently been observed using the Emotet malware as an initial infection vector, and it has seen an influx of new members from the now-defunct Conti ransomware group following the latter's withdrawal from the threat landscape this year.

News of BlackCat adding a revamped slate of tools to its attacks arrives as a developer associated with the LockBit 3.0 file-encrypting malware allegedly leaked the builder used to create bespoke versions, prompting concerns that it could lead to more widespread abuse by other less skilled actors.

Over the past two years, the Babuk and Conti ransomware groups have suffered similar breaches, effectively lowering the barrier to entry and enabling malicious actors to quickly launch their own attacks.


News URL

https://thehackernews.com/2022/09/blackcat-ransomware-attackers-spotted.html