BlackCat ransomware, a sophisticated malware written in Rust
A new sophisticated professional ransomware strain named ALPHV (aka BlackCat), which is written in the Rust programming language was discovered by malware researchers from Recorded Future and MalwareHunterTeam.
There were two other ransomware written in Rust for research purposes earlier, one of them was published on GitHub in 2020, the second one is a now-defunct strain named BadBeeTeam.
Unlike other malware, ALPHV (BlackCat) is the first Rust ransomware that was used in attacks in the wild by a cybercrime organization. BlackCat can target Windows, Linux, and VMWare eSXI systems, but the number of victims is limited here.
BlackCat ransomware is considered to be very sophisticated. According to experts at Recorded Future, the author of the BlackCat ransomware, known as ALPHV, is believed to be previously involved with the REvil ransomware operations.
ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. Like other ransomware groups, the gang also implements a double-extortion model, threatening to leak the stolen data if the victims don’t pay.
ALPHV is attempting to recruit affiliates for its operations, offering between 80% and 90% of the final ransom, depending on its value.
Only a small number of victims in the USA, Australia, and India were affected by this ransomware. Ransom demands range from a few hundreds of thousands up to $3 worth of Bitcoin or Monero.
The researchers pointed out that the ransomware gang operates multiple leak sites, each of them hosting the data of a couple of victims. This suggests that each affiliate operates its own leak site.
The post BlackCat ransomware, a sophisticated malware written in Rust first appeared on Cybersafe News.