Feds disrupt major ransomware group targeting schools, law firms, hospitals

/in


The U.S. Department of Justice has disrupted a major ransomware group — and enabled some people to restore their systems — with South Florida playing a central role in the cybercrime investigation, authorities said.

The FBI this month seized several websites operated by the Blackcat ransomware group, launched a disruption campaign, and “gained visibility” into the group’s computer network, according to an affidavit supporting a search warrant unsealed Tuesday in the Southern District of Florida.

The FBI developed a decryption tool that allowed its field offices nationwide and international law enforcement partners to offer more than 500 affected victims the capability to restore their computer systems, the Justice Department said. To date, the FBI has saved victims from ransom demands totaling approximately $68 million.

“In disrupting the BlackCat ransomware group, the Justice Department has once again hacked the hackers,” said Deputy Attorney General Lisa Monaco in a statement Tuesday.

The FBI Miami Field Office is leading the investigation and the case involves federal prosecutors in Miami.

The Blackcat ransomware group is also known as ALPHV or Noberus. Ransomware is malicious software that denies individuals access to computer systems until one pays a ransom. Typically, cybercriminals encrypt an individual’s computer and then demand a ransom before decrypting it. Payment is usually requested in cryptocurrency and to addresses controlled by the criminals.

“With a decryption tool provided by the FBI to hundreds of ransomware victims worldwide, businesses and schools were able to reopen, and health care and emergency services were able to come back online,” she noted. “We will continue to prioritize disruptions and place victims at the center of our strategy to dismantle the ecosystem fueling cybercrime.”

A message from a ransomware attack. The FBI disrupted a major ransomware group — Blackcat — with South Florida playing a central role in the cybercrime investigation, authorities said.A message from a ransomware attack. The FBI disrupted a major ransomware group — Blackcat — with South Florida playing a central role in the cybercrime investigation, authorities said.

A message from a ransomware attack. The FBI disrupted a major ransomware group — Blackcat — with South Florida playing a central role in the cybercrime investigation, authorities said.

Over the past 18 months, ALPHV/Blackcat has become the second most prolific ransomware in the world based on the hundreds of millions of dollars in ransom paid by victims, the…

Source…