ALPHV BlackCat Ransomware

The ALPHV BlackCat ransomware group is the newest to draw attention, for having the most advanced malware in years. It was only the third group to write its strain in Rust, a language that is more secure and reliable than the C and C++ used by the other ransomware groups.

The group is still quite new, but it already shows great potential to reach the level that the REvil ransomware (Sodinokibi) and Darkside have reached. BlackCat operates as RaaS (Ransomware as a Service), and the group has been offering its malware on Dark Web forums.

The ALPHV ransomware is designed to attack Windows, Linux and VMware ESXi operating systems. Few groups have managed this feat.

In addition to all these features, the ransomware moves laterally through a company’s internal network, disabling all its protections, and then installs copies of itself on multiple computers to reach as many files as possible.

The group disclosed in a forum that its encryption can be done in four different ways, which are:

  • Full – complete encryption of the file. The most secure and slowest.
  • Fast – encryption of the first N megabytes. Not recommended for use, the most insecure solution possible, but the fastest.
  • DotPattern – encryption of N megabytes by M step. If set incorrectly, Fast can work worse in both speed and cryptographic strength.
  • Auto – Depending on the type and size of the file, the cabinet (on both Windows and *nix / esxi) chooses the best strategy (in terms of speed / security) to process the files.

This shows how serious and advanced this group is compared to other groups. Besides the RaaS tactic, the group also uses double extortion: it encrypts files and also extracts copies of them to use for blackmail. If the victim does not pay the ransom imposed by the group, the files are leaked on a website created specifically for the victim company.
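The modes listed above differ in which parts of a file they touch, which matters when triaging what survived an incident. The following is an added example, not code from this article or from Digital Recovery: it maps per-block entropy across a file and labels the layout, assuming a 4 KiB block size, a 7.5 bits/byte threshold and constructed sample data.

```python
import hashlib
import math
from collections import Counter

CHUNK = 4096   # analysis block size in bytes (assumed value)
HIGH = 7.5     # bits/byte above which a block looks encrypted (assumed value)

def entropy(block: bytes) -> float:
    """Shannon entropy of a block, in bits per byte (0.0 to 8.0)."""
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values())

def entropy_map(data: bytes) -> list:
    """One flag per whole CHUNK: True when the block is high-entropy."""
    return [entropy(data[i:i + CHUNK]) > HIGH
            for i in range(0, len(data) - CHUNK + 1, CHUNK)]

def classify(data: bytes) -> str:
    """Label a file by where its high-entropy blocks sit."""
    flags = entropy_map(data)
    if not any(flags):
        return "clean"   # also returned for files smaller than one CHUNK
    if all(flags):
        return "full"    # compressed or legitimately encrypted files look the same
    # A run starts wherever a high block follows a low one (or opens the file).
    runs = sum(1 for i, f in enumerate(flags) if f and (i == 0 or not flags[i - 1]))
    if runs >= 2:
        return "striped"                         # layout a DotPattern-style pass leaves
    return "head-only" if flags[0] else "mixed"  # head-only: layout of a Fast-style pass

def plain_fraction(data: bytes) -> float:
    """Share of blocks left low-entropy, i.e. likely untouched plaintext."""
    flags = entropy_map(data)
    return flags.count(False) / len(flags) if flags else 1.0

# Constructed data: 64 KiB of hash output stands in for ciphertext, CSV rows for plaintext.
NOISE = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(2048))
TEXT = b"invoice,2021-12-01,ACME Ltd,1042.50\n" * 2000
SAMPLES = {
    "clean": TEXT[:16 * CHUNK],
    "full": NOISE,
    "head-only": NOISE[:4 * CHUNK] + TEXT[:12 * CHUNK],
    "striped": b"".join(NOISE[i * CHUNK:(i + 1) * CHUNK] if i % 4 == 0 else TEXT[:CHUNK]
                        for i in range(16)),
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(f"{name:10} -> {classify(blob):10} plain={plain_fraction(blob):.2f}")
```

Real stripes will rarely align to the analysis block size, so blocks that straddle a boundary can land on either side of the threshold; a smaller `CHUNK` sharpens the map at the cost of noisier entropy estimates.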


Recover Files Encrypted by ALPHV BlackCat Ransomware

ALPHV BlackCat has shown itself to be one of the most worrisome groups for the near future. Even though it has no major attacks to its name today, everything it has shown so far indicates that its destructive ability is very large.

The good news is that there are companies, such as Digital Recovery, with the ability and technology to recover data encrypted by ransomware.

This type of resource doesn’t solve all of the consequences of the attack, but it dramatically lessens the damage caused by losing access to the data. It is ideal for companies that need their files available in order to operate fully.

In this scenario, Digital Recovery has developed technologies capable of recovering encrypted data from virtually any storage device, such as HDDs, SSDs, databases, storage systems, RAID systems, virtual machines and others.

We develop exclusive processes that are customized to meet the real needs of each client. All of these processes are supported by the General Data Protection Regulation (GDPR), and we also provide a confidentiality agreement (NDA). The recovery is done in a totally safe environment.

Contact us and start the recovery process right now.

Redação Digital Recovery
The Digital Recovery team is made up of data recovery specialists who aim to share, in a simple way, information about the latest technologies on the market, and to explain our ability to act in the most complex data loss scenarios. Our editorial team strives to bring the most relevant information about ransomware attacks, databases, servers, virtual machines and more. Follow us and stay up to date on what is new in data recovery technologies.