ZeroFox Intelligence Profile – ALPHV (BlackCat) Ransomware
|by Alpha Team
ZeroFox Intelligence Profile – ALPHV (BlackCat) Ransomware
Product Serial: P-2023-03-10a
TLP:CLEAR
ALPHV ransomware, identified as early as November 2021, is one of the most prolific ransomware strains on the market. It follows the ransomware-as-a-service (RaaS) model, which has been extensively used by threat actors to infect and extort victims. In this profile, ZeroFox Intelligence analyzes its targets and Tactics, Techniques, and Procedures (TTPs), as well as provides a list of associated Indicators of Compromise (IOCs).
Standing Intelligence Requirements
Deep Dark Web & Criminal Underground
For the most up-to-date list of ZeroFox Threat Research’s Intelligence Requirements, please visit:
https://cloud.zerofox.com/intelligence/advisories/14956
Link to Download View the full report here.
Scope Note
ZeroFox Intelligence is derived from a variety of sources, including—but not limited to—curated open-source accesses, vetted social media, proprietary data sources, and direct access to threat actors and groups through covert communication channels. Information relied upon to complete any report cannot always be independently verified. As such, ZeroFox applies rigorous analytic standards and tradecraft in accordance with best practices and includes caveat language and source citations to clearly identify the veracity of our Intelligence reporting and substantiate our assessments and recommendations. All sources used in this particular Intelligence product were identified prior to 9:00 AM (EST) on March 1, 2023; per cyber hygiene best practices, caution is advised when clicking on any third-party links.
Tags: tlp:clear, DDW Ransomware, all industries