Last Updated on 11/02/2022 by Nidhi Khandelwal
Former members of the famed BlackMatter/DarkSide ransomware operation have stated they are part of the Black Cat ransomware group, also known as ALPHV.
BlackCat/ALPHA is a new ransomware operation with a lot of features that was released in November 2021. It was written in the Rust programming language, which is unique for ransomware outbreaks.
The ransomware executable is highly customisable, with a variety of encryption algorithms and parameters that allow assaults on a variety of business environments.
While the ransomware is known as ALPHV, security researcher MalwareHunterTeam dubbed it BlackCat following the image of a black cat that appears on every victim’s Tor payment page.
When the ransomware operation has been covered in the media or by security researchers since then, it has been dubbed BlackCat.
Many ransomware operations are organized under a Ransomware-as-a-Service (RaaS) model, in which core members are responsible for building the ransomware virus and operating servers, while affiliates (also known as “adverts”) are hired to get into corporate networks and launch attacks.
The primary creators receive between 10 and 30 percent of a ransom payment, while the affiliate receives the remainder. The percentages alter depending on how much ransom money a specific affiliate takes in.
While there have been many RaaS operations in the past, a few top-tier gangs have been known to shut down when law enforcement is on their tail and rebrand under new names.
The ALPHV/BlackCat gang verified allegations that they were associated with the DarkSide/BlackMatter gang in an interview with The Record.
