ALPHV BlackCat Ransomware

The ALPHV BlackCat ransomware group is the newest to draw attention, for having the most advanced malware in years. It was only the third group to write its strain in Rust, a language that is more secure and reliable than C and C++, which the other ransomware groups use.

The group is still quite new, but it already shows great potential to reach the level that the REvil (Sodinokibi) and Darkside ransomware have reached. BlackCat operates as RaaS (Ransomware as a Service): the group has been offering its malware on Dark Web forums.

The ALPHV ransomware is designed to attack Windows, Linux and VMware ESXi operating systems. Few groups have managed this feat.

In addition to all these features, the ransomware moves laterally through a company’s internal network, disabling all its protections, and then installs copies of itself on multiple computers to reach as many files as possible.

The group disclosed in a forum that its encryption can be done in four different ways, which are:

  • Full – complete encryption of the file. The most secure and slowest.
  • Fast – encryption of the first N megabytes. Not recommended for use, the most insecure solution possible, but the fastest.
  • DotPattern – encryption of N megabytes by M step. If set incorrectly, Fast can work worse in both speed and cryptographic strength.
  • Auto – Depending on the type and size of the file, the cabinet (on both Windows and *nix / esxi) chooses the best strategy (in terms of speed / security) to process the files.

This shows how serious and advanced this group is compared to other groups. Besides the RaaS tactic, the group also uses double extortion, which consists of encrypting files and also extracting them for use in blackmail: if the victim does not pay the ransom imposed by the group, the files are leaked on a website created specifically for the victim company.

Recover Files Encrypted by ALPHV BlackCat Ransomware

The ALPHV BlackCat ransomware group has shown itself to be one of the most worrisome for the near future: although it has no major attacks to its name today, everything it has shown indicates that its destructive ability is very large.

The good news is that there are companies, such as Digital Recovery, with the ability and technology to recover data encrypted by ransomware.

This type of resource doesn’t solve all of the consequences of the attack, but it dramatically lessens the damage that could be caused by not having access to the data. It is ideal for companies that need access to their files in order to operate fully.

In this scenario, Digital Recovery has developed technologies capable of recovering encrypted data on virtually any storage device, such as HDDs, SSDs, databases, storages, RAID systems, virtual machines and others.

We develop exclusive processes that are customized to meet the real needs of each client. All these processes are supported by the General Data Protection Regulation (GDPR), and we also provide a confidentiality agreement (NDA). The recovery is done in a totally safe environment.

Contact us and start the recovery process right now.

Redação Digital Recovery
Team Digital Recovery is composed of data recovery specialists who, in a simple way, aim to bring information about the latest technologies on the market, as well as inform about our ability to act in the most complex data loss scenarios.