BlackCat/ALPHV Ransomware Indicators of Compromise

 This FLASH is part of a
series of FBI reports to disseminate known indicators of compromise (IOCs)
and tactics, techniques and procedures (TTPs) associated with ransomware
variants identified through FBI investigations. As of March 2022, BlackCat/ALPHV
ransomware as a service (RaaS) had compromised at least 60 entities
worldwide and is the first ransomware group to do so successfully using
RUST, considered to be a more secure programming language that offers
improved performance and reliable concurrent processing.
BlackCat-affiliated threat actors typically request ransom payments of
several million dollars in Bitcoin and Monero but have accepted ransom
payments below the initial ransom demand amount. Many of the developers
and money launderers for BlackCat/ALPHV are linked
to Darkside/Blackmatter, indicating they have extensive networks and
experience with ransomware operations.


to read the full details go here