Security News > 2024 > March > Possible China link to Change Healthcare ransomware attack
A criminal claiming to be an ALPHV/BlackCat affiliate - the gang responsible for the widely disruptive Change Healthcare ransomware infection last month - may have ties to Chinese government-backed cybercrime syndicates.
"Some of our HUMINT sources with direct contact to Notchy says it's high probability that Notchy is associated with China Nation-State groups," Menlo's threat intel team said in a report Wednesday.
The report includes a screenshot from Ramp user Notchy claiming to be the affiliate responsible for the Change ransomware attack.
"Without more details on the Change Healthcare attack, we are unable to determine if this malware was used against them or not."
The ransomware infection, in addition to having a material impact on UnitedHealth, has had devastating effects on the US healthcare system and the patients it serves.
The association, whose members include about 5,000 US hospitals and other healthcare organizations, has urged Congress to pass a financial assistance program and provide "Immediate access to funding" for all providers impacted by what it describes as the "Worst cyberattack on our healthcare system in history." .
News URL
Related news
- Infosec experts fear China could retaliate against tariffs with a Typhoon attack (source)
- Sensata Technologies hit by ransomware attack impacting operations (source)
- Ransomware attack cost IKEA operator in Eastern Europe $23 million (source)
- Kidney dialysis firm DaVita hit by weekend ransomware attack (source)
- China names alleged US snoops over Asian Winter Games attacks (source)
- Ahold Delhaize confirms data theft after INC ransomware claims attack (source)
- Interlock ransomware gang pushes fake IT tools in ClickFix attacks (source)
- Interlock ransomware claims DaVita attack, leaks stolen data (source)
- Ransomware attacks are getting smarter, harder to stop (source)
- Hitachi Vantara takes servers offline after Akira ransomware attack (source)