ALPHV BlackCat is the newest ransomware group to draw attention, for having the most advanced malware in years. It was only the third group to write its strain in Rust, a language that is more secure and reliable than C and C++, which the other ransomware groups use.
The group is still quite new, but it already shows great potential to reach the level that REvil (Sodinokibi) and Darkside have reached. BlackCat operates as RaaS (Ransomware as a Service): the group has been offering its malware on Dark Web forums.
The ALPHV ransomware is designed to attack Windows, Linux and VMware ESXi systems. Few groups have managed this feat.
In addition to all these features, the ransomware moves laterally through a company’s internal network, disabling all its protections, and then installs copies of itself on multiple computers to reach as many files as possible.
The group disclosed in a forum that its encryption can be done in four different ways, which are:
This shows how serious and advanced this group is compared to other groups. Besides the RaaS tactic, the group also uses double extortion, which consists of encrypting files and also exfiltrating them for use as blackmail. If the victim does not pay the ransom imposed by the group, the files are leaked on a website created specifically for the victim company.
ALPHV BlackCat has shown itself to be one of the most worrisome groups for the near future: even though it has no major attacks to its name today, everything it has shown so far points to a very large destructive capability.
The good news is that there are companies, such as Digital Recovery, with the ability and technology to recover data encrypted by ransomware.
This type of resource doesn’t solve all of the consequences of the attack, but it dramatically lessens the damage that could be caused by not having access to the data. It is ideal for companies that need access to their files in order to operate fully.
In this scenario, Digital Recovery has developed technologies capable of recovering data encrypted on virtually any storage device, such as HDDs, SSDs, databases, storage systems, RAID systems, virtual machines and others.
We develop exclusive processes that are customized to meet the real needs of each client. All of these processes are supported by the General Data Protection Regulation (GDPR), and we also provide a confidentiality agreement (NDA). The recovery is done in a totally safe environment.
Contact us and start the recovery process right now.