ALPHV Blackcat Ransomware Group
| Actor Type | Criminal Group |
|---|---|
| Affiliated Intrusion Sets | FIN7 |
ALPHV represents the operators behind the BlackCat ransomware strain. According to reporting, ALPHV is likely a Russian-speaking cybercrime group who operate BlackCat as a 'Ransomware as a Service' offering for financial benefit.
Cyber Threat Graph Context
Explore how this Intrusion Set relates to the wider threat graph
ALPHV Blackcat Ransomware Group Threat Reports
Report
StopRansomware: ALPHV Blackcat
This '#StopRansomware' advisory from CISA and partners outlines technical details and mitigations for the ALPHV Blackcat 'Ransomware as a ...
References
www.mandiant.com
https://www.mandiant.com/resources/blog/evolution-of-fin7www.varonis.com
https://www.varonis.com/blog/blackcat-ransomwarewww.cisa.gov
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-353awww.cyber.gc.ca
https://www.cyber.gc.ca/en/guidance/profile-alphvblackcat-ransomwarewww.ic3.gov
https://www.ic3.gov/Media/News/2022/220420.pdfMITRE ATT&CK Techniques
MITRE ATT&CK techniques observed in use by this intrusion set.