Security News > 2023 > August > Microsoft: BlackCat's Sphynx ransomware embeds Impacket, RemCom
Microsoft has discovered a new version of the BlackCat ransomware that embeds the Impacket networking framework and the Remcom hacking tool, both enabling spreading laterally across a breached network.
"Microsoft has observed a new version of the BlackCat ransomware being used in recent campaigns," posted Microsoft.
In addition to Impacket, Microsoft says that the encryptor embeds the Remcom hacking tool, which is a small remote shell that allows the encryptor to remotely execute commands on other devices on a network.
In a private Microsoft 365 Defender Threat Analytics advisory seen by BleepingComputer, Microsoft says they saw this new encrypted used by BlackCat affiliate 'Storm-0875' since July 2023.
Microsoft is identifying this new version as BlackCat 3.0, even though, as we previously said, the ransomware operation calls it 'Sphynx' or 'BlackCat/ALPHV 2.0' in communications with affiliates.
The ransomware gang has always been considered one of the most advanced and top-tier ransomware operations, constantly evolving its operation with new tactics.