According to a FLASH alert that was released by the Federal Bureau of Investigation (FBI), BlackCat ransomware, also known as ALPHV, is responsible for the breaches of over sixty different entities across the world. BlackCat was first discovered in December as a Ransomware-as-a-Service (RaaS) offering on hacking forums. The malware is written in the Rust programming language and has the ability to target Windows, Linux, and VMWare ESXi systems. The author of the ransomware is suspected to have been part of the REvil ransomware group.
Analyst Notes
The FLASH alert includes Indicators of Compromise (IOCs) and tactics, techniques, and procedures (TTP) for BlackCat, as well as recommended mitigations to protect against ransomware. The report can be found here: https://www.ic3.gov/Media/News/2022/220420.pdf
https://securityaffairs.co/wordpress/130582/reports/fbi-blackcat-ransomware.html
