Security News BlackCat ransomware turns off servers amid claim they stole $22 million ransom

Gandalf_The_Grey

Gandalf_The_Grey

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,680
Content source
https://www.bleepingcomputer.com/news/security/blackcat-ransomware-turns-off-servers-amid-claim-they-stole-22-million-ransom/
The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform, of $22 million.

While BlackCat's data leak blog has been down since Friday, BleepingComputer had confirmed that negotiation sites were still active over the weekend.

Today, BleepingComputer confirmed the ransomware operations negotiation sites are now shut down as well, indicating a further deliberate take down of the ransomware gang's infrastructure.

A short status in Russian on the messaging platform the ransomware threat actor uses for communication reads that they decided to turn everything off.

It is unclear if this is an exit scam or an attempt to rebrand the operation under a different name.

Change Healthcare is a payment exchange platform that connects doctors, pharmacies, healthcare providers, and patients in the U.S. healthcare system.
Click to expand...
www.bleepingcomputer.com

BlackCat ransomware turns off servers amid claim they stole $22 million ransom

The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform, of $22 million.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • +Reputation
Reactions: Trident, silversurfer, Andy Ful and 6 others
vtqhtr413

vtqhtr413

Level 27
Verified
Top Poster
Well-known
Aug 17, 2017
1,610
There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. “ALPHV“) as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks. However, the cybercriminal who claims to have given BlackCat access to Change’s network says the crime gang cheated them out of their share of the ransom, and that they still have the sensitive data Change reportedly paid the group to destroy. Meanwhile, the affiliate’s disclosure appears to have prompted BlackCat to cease operations entirely.
Click to expand...
 
  • Wow
Reactions: Jonny Quest

Similar threads

Bot
Security News DOJ Offers $10 Million Reward to Help Identify ALPHV (BlackCat) Actors
Replies
0
Views
1,386
Security News
Bot
Bot
Gandalf_The_Grey
    • Like
    • +Reputation
Malware News The Week in Ransomware - April 19th 2024 - Attacks Ramp Up
Replies
0
Views
1,811
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
Security News The biggest cybersecurity and cyberattack stories of 2024
Replies
0
Views
463
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top