ALPHV ransomware site outage rumored to be caused by law enforcement

A law enforcement operation is rumored to be behind an outage affecting ALPHV ransomware gang's websites over the last 30 hours.

The ALPHV, aka BlackCat, negotiation and data leak sites suddenly became unavailable yesterday and continue to remain down today.

BleepingComputer has also confirmed that unique Tor negotiation URLs shared with victims in ransom notes are also down, indicating a disruption to the ransomware gang's public-facing infrastructure and a halt to ongoing negotiations.

When questioned yesterday about the disruption, the Admin for ALPHV told BleepingComputer that the sites may be back online soon.

That was 20 hours ago, and the sites continue to remain down at this time.

The Tox status for the Admin claims that the operation is repairing their servers, but they have not answered questions about what happened.

However, BleepingComputer suspects that the ransomware gang may have suffered potential law enforcement action after their recent activities, which was also hinted at by others.

"Hearing wild and strong rumours that ALPHV/Blackcat has been paid a visit by the FBI," reads a tweet by someone named Evangelos G.

Friday afternoon, cybersecurity firm RedSense Intel also confirmed to BleepingComputer that the servers were shut down due to a law enforcement action.

"Today, RedSense can confirm that ALPHV aka BlackCat ransomware gang's site has been taken down by law enforcement," RedSense also shared in a tweet on X.

BleepingComputer has not been able to independently confirm whether the FBI breached ALPHV's servers, and they declined to comment when asked about the outages.

However, similar disruptions were seen in the past due to law enforcement operations.

For example, when the FBI breached REvil's servers, they obtained the decryption keys for the victims of the Kaseya ransomware attack.

Similarly, the FBI hacked Hive's infrastructure, secretly obtaining decryption keys and disseminating them to victims.

Are you an ALPHV affiliate or someone with information about ALPHV's website outages? If you want to share the information, you can contact us securely on Signal at +1 (646) 961-3731, via email at tips@bleepingcomputer.com, or using our tips form.

The ALPHV/BlackCat ransomware operation is believed to be a rebrand of the DarkSide gang. The operation launched in 2020 and quickly rose to prominence over the next year.

However, after attacking the Colonial Pipeline, the ransomware gang faced intense scrutiny by the US government and international law enforcement, ultimately leading to the seizure of their infrastructure and the operation shutting down.

Only a few months later, the ransomware gang returned, this time under the name BlackMatter. However, the managers of this operation claimed in an interview that they were affiliates of the DarkSide operation and not the original leaders.

Only a short four months later, BlackMatter shut down its operation in November 2021 after claiming to be under pressure from law enforcement.

In February 2022, the ransomware gang returned again, this time under the name ALPHV, also known as BlackCat due to an image used on their Tor negotiation sites.

While this rebrand started out like most ransomware gangs, targeting companies in extortion attacks worldwide, they have expanded their operations by partnering with English-speaking affiliates and targeting critical infrastructure, such as hospitals and water suppliers.

Due to this, it was only a matter of time until they again felt the scrutiny of law enforcement, whether it be this disruption or a future one.

Update 12/8/23: Added further public confirmations that the shutdown of servers is related to law enforcement action.