BlackCat (cyber gang)

BlackCat, also known as ALPHV and Noberus, is a ransomware family written in Rust. It made its first appearance in November 2021. By extension, it is also the name of the threat actor(s) who exploit it.

BlackCat operates on a ransomware as a service (RaaS) model, with developers offering the malware for use by affiliates and taking a percentage of ransom payments. For initial access, the ransomware relies essentially on stolen credentials obtained through initial access brokers. The group operates a public data leak site to pressure victims to pay ransom demands.

The group has targeted hundreds of organizations worldwide, including Reddit in 2023. Since its first appearance, it is one of the most active ransomware.

As of February 2024, the U.S. Department of State is offering rewards of up to $10 million for leads that could identify or locate ALPHV/Blackcat ransomware gang leaders.