CRIME
FBI Offers Decryption Tool For Victims Of Blackcat Ransomware Attacks
FBI
The U.S. Department of Justice on Tuesday announced it is releasing an FBI-developed decryption tool to help victims of certain ransomware attacks regain control of their systems.
The DOJ said that U.S. and European law enforcement agencies have disrupted the Blackcat ransomware group — also known as ALPHV or Noberus — which has targeted the computer networks of more than 1,000 victims, including critical infrastructure in the U.S. and the recent attack against MGM resorts.
The ALPHV/Blackcat has emerged as the second most prolific ransomware-as-a-service variant in the world over the past 18 months, based on the hundreds of millions of dollars in ransoms paid by victims, the DOJ said. The hackers steal data before hijacking computer systems, and demand a ransom payment in return for restoring their systems and promising not to release the stolen data.
“In disrupting the BlackCat ransomware group, the Justice Department has once again hacked the hackers,” Deputy Attorney General Lisa Monaco said in a statement. “With a decryption tool provided by the FBI to hundreds of ransomware victims worldwide, businesses and schools were able to reopen, and health care and emergency services were able to come back online. We will continue to prioritize disruptions and place victims at the center of our strategy to dismantle the ecosystem fueling cybercrime.”
The DOJ said that to date, the FBI has used the decryption tool to assists dozens of U.S.-based victims, saving them from ransom demands totaling $68 million. U.S. victims include government facilities, emergency services, defense industrial base companies, critical manufacturing, and healthcare and public health facilities – as well as other corporations, government entities, and schools.
According to a search warrant unsealed Tuesday in Florida, the FBI has also gained visibility into the BlackCat ransomware groups computer network during its investigation and seized several websites operated by the group.
“The FBI continues to be unrelenting in bringing cybercriminals to justice and determined in its efforts to defeat and disrupt ransomware campaigns targeting critical infrastructure, the private sector, and beyond,” said FBI Deputy Director Paul Abbate. “Helping victims of crime is the FBIs highest priority and is reflected here in the provision of tools to assist those victimized in decrypting compromised networks and systems.
The investigation is being led by the FBI Miami field office.
“Todays announcement highlights the Justice Departments ability to take on even the most sophisticated and prolific cybercriminals,” said U.S. Attorney Markenzy Lapointe for the Southern District of Florida. “As a result of our offices tireless efforts, alongside FBI Miami, U.S. Secret Service, and our foreign law enforcement partners, we have provided Blackcats victims, in the Southern District of Florida and around the world, the opportunity to get back on their feet and to fortify their digital defenses.
TMX contributed to this article.
