ALPHV Ransomware Group’s Three New Victims: Clarion, Phil Data, MNGI

The infamous ALPHV ransomware group, also known as the BlackCat hacker collective, has revealed its latest victims. With a growing list of compromised entities, the group has homed in on three fresh targets in its most recent attacks.

In this latest series of cyber attacks, Clarion, Phil-Data Business Systems Inc, and MNGI Digestive Health have fallen victim to the notorious hacker group. What sets this campaign apart is the selection of these companies and the unique perspective that the ALPHV ransomware group has added.

Additionally, the ALPHV ransomware group has demonstrated a new level of adaptability, employing state-of-the-art technical methods in its attacks.

The ALPHV ransomware group targets new victims

[Image: ALPHV ransomware group, Phil Data breach. Source: Twitter]

Despite these advancements, the ALPHV ransomware group’s fundamental modus operandi for cyber claims has remained consistent: it continues to assert responsibility for its attacks via its preferred communication channels.

Clarion, singled out as the initial target, was designated by the threat actor as possessing “dangerous electronics.” Adding more information to this attack, the threat actor further stated, “Clarion is the most dangerous electronics to use that can cause you to be hacked.”

[Image: ALPHV ransomware group, Clarion cyber attack. Source: Twitter]

Meanwhile, no explicit rationale was furnished for targeting MNGI Digestive Health. In the case of the third victim, Phil-Data Business Systems Inc., the threat actor delivered a more dire message, proclaiming, “Phil-Data Business Systems was breached. A trove of critical data has been exfiltrated. We now have access to client companies and their proprietary data.” It is important to underscore that, despite these declarations, the veracity of such statements remains unverified.

[Image: ALPHV ransomware, MNGI cyber attack. Source: Twitter]

The Cyber Express attempted to establish contact with the affected companies, only to be stymied by technical complications and communication hurdles, leaving the claims surrounding the cyber attack in a state of limbo.

Adding a layer of complexity to the situation, the victimized companies have refrained from issuing any updates or breach notifications.

ALPHV ransomware group employs new tactics

The ALPHV ransomware group is a seasoned threat actor and has been targeting big corporations since November 2021.

During the last few years, the threat actors have demonstrated a modest approach in their operations, targeting organizations in the healthcare, education, electricity, and natural gas sectors.

According to a report shared by the FBI in 2022, the ransomware group has been operating as a ransomware-as-a-service (RaaS) and has targeted over 60 entities. The ALPHV ransomware is written in the secure programming language Rust, supporting

The ALPHV ransomware group has escalated its tactics, now exerting pressure on its victims to consent to a ransom. They have gone so far as to provide an API for their leak site, amplifying the visibility of their attacks.

The infamy of the ALPHV/BlackCat ransomware group precedes it: the group has previously been tied to an attack on MGM Resorts.

Initially framed as a ‘cybersecurity issue,’ the assault impacted various services across MGM Resort locations in the U.S. However, emerging claims posit that the ALPHV hacking group orchestrated the attack through social engineering.
