Beware of the ALPHV BlackCat, a highly versatile ransomware

by Alexandru Poloboc
Alexandru Poloboc
Alexandru Poloboc
News Editor
With an overpowering desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter, anchor,... read more
Affiliate Disclosure
  • Security experts are warning us about a new, highly dangerous ransomware.
  • The ALPHV has been generically dubbed BlackCat, because of the logo it has.
  • This new ransomware is mostly being promoted on Russian-speaking forums.
  • BlackCat has also been allegedly tested on several Windows operating sytems.
black cat ransomware

No, this is not a joke, even though the name might cause some smiles here and there, but we assure you that this is nothing to take lightly.

ALPHV is a new ransomware operation, generically dubbed BlackCat, that was first introduced last month and could be the most dangerous ransomware 2021 has seen.

We say that because it comes with a highly-customizable feature set allowing for attacks on a wide range of corporate environments.

ALPHV has been supposedly tested on Windows devices

This BlackCat ransomware executable is written in Rust. And although this is not typical for malware developers, it’s slowly increasing in popularity due to its high performance and memory safety.

ALPHV is being promoted on Russian-speaking hacking forums, which might come as no surprise for experts and other parties that are keeping an eye on this matter.

In fact, the name BlackCat isn’t something that the hacker group came up with, it’s actually only a nickname given to it by the ones that discovered it.

It has been named BlackCat due to the same favicon of a black cat being used on the victim’s Tor payment site, while the data leak site uses a picture of a dagger.

This was actually discovered by the MalwareHunterTeam and quickly reported to everyone via Twitter.

ALPHV ransomware includes numerous advanced features that let it stand out from other ransomware operations, which makes it all the more dangerous.

Each ALPHV ransomware executable includes a JSON configuration that allows customization of extensions.

And just like other threat actors, ALPHV uses a triple-extortion tactic where they steal data before encrypting devices and threat to publish the data if a ransom is not paid.

BlackCat is allegedly cross-platform with support for multiple operating systems and has already supposedly been tested on Windows 7, Windows 8.1, Windows 10, and even Windows 11.

Are you doing everything you can to stay protected in this ever-growing online world? Share your opinions with us in the comments section below.

This article covers:Topics: