Justice Department Hacks the Hackers 

Sarasota, FL (WorkersCompensation.com) – A ransomware hacker group considered to be the second top cybercriminal entity in the world the last 18 months has been hacked and disrupted, according to a Justice Department announcement earlier this week. 

Blackcat ransomware group, also known as ALPHV or Noberus, has hit more than 1,000 entities including healthcare providers, schools, and large businesses such as MGM Resorts International, and Caesars Entertainment. Around 75 percent of the hack victims are located in the U.S. and around 250 are located in other counties. The most alarming hacks have endangered the critical infrastructures in the U.S., including emergency services, government facilities, defense industrial base companies, vital manufacturing, as well as healthcare facilities.

Many of the criminal programmers from Blackcat are also affiliated with Darkside/Blackmatter and Scattered Spider, both of which are masters at social engineering attacks such as SIM swapping, and target business entities to extort large amount of money as a ransom for their data. 

As a way to combat these cybercriminals, the FBI developed a decryption tool for victims that provided a way to restore their systems. So far, the decryption tool has helped victims avoid paying over $68 million in ransom money. 

In a search warrant issued on Dec. 11, in Ft. Lauderdale, Florida, an undercover informant responded to a post in a public online forum requesting applicants for Blackcat affiliate positions. After an “interview” by a Blackcat member, the undercover informant was hired and granted access to a dashboard that monitored current victims. As a result of their investigations, the federal agents were able to not only gain entrants into the group’s computer network, but were also able to seize several websites operated by the group, essentially “hacking the hacker. 

The case is currently under investigation. “The FBI continues to be unrelenting in bringing cybercriminals to justice and determined in its efforts to defeat and disrupt ransomware campaigns targeting critical infrastructure, the private sector, and beyond,” said FBI Deputy Director Paul Abbate. “Helping victims of crime is the FBI’s highest priority and is reflected here in the provision of tools to assist those victimized in decrypting compromised networks and systems. The FBI will continue to aggressively pursue these criminal actors wherever they attempt to hide and ensure they are brought to justice and held accountable under the law.”

According to statistics on the HHS Breach Portal, there have been 547 reports filed through Dec. 21 this year. By comparison, only 296 reports were filed for the same period in 2022. Last year, October had the highest number of reports filed at 43. This year, there were 6 months in which the number of reports were greater than 43, with the highest reports filed in August totaling 65.

Share This Article: