Home Monero BlackCat (ALPHV) claims Swissport ransomware assault, leaks knowledge

BlackCat (ALPHV) claims Swissport ransomware assault, leaks knowledge

5 min read
Comments Off on BlackCat (ALPHV) claims Swissport ransomware assault, leaks knowledge


The BlackCat ransomware group, aka ALPHV, has claimed accountability for the latest cyber assault on Swissport that triggered flight delays and repair disruptions.

The €3 billion income agency, Swissport, has a presence throughout 310 airports in 50 nations and supplies cargo dealing with, upkeep, cleansing, and lounge hospitality companies.

BlackCat has now been seen by BleepingComputer to leak a minuscule set of terabytes of knowledge supposedly obtained from the latest ransomware assault.

BlackCat begins leaking knowledge

As reported by BleepingComputer,  the cargo and hospitality companies big had earlier disclosed a ransomware attack on its techniques.

At the moment, BlackCat (ALPHV) ransomware group has posted a small set of pattern recordsdata that the group claims to have obtained from Swissport.

The menace actor has introduced they’re keen to promote the whole 1.6 TB “knowledge dump” to a potential purchaser:

Swissport BlackCat data leak page
BlackCat (ALPHV) ransomware op claims to have 1.6 TB of Swissport’s knowledge (DarkTracer)

The information leak web page seen by BleepingComputer as we speak accommodates photographs of passports, inside enterprise memos, and what seem like particulars of job candidates, resembling their:

  • Full identify
  • Passport Quantity
  • Nationality
  • Faith (Muslim or Non-Muslim indicator)
  • Electronic mail
  • Telephone quantity
  • Job function, interview scores, and different recruitment info

BleepingComputer has reached out to Swissport to higher perceive what this knowledge represents, notably the flag indicator recording the faith of job candidates:

employment candidates' details
The leaked desk has info of job candidates (BleepingComputer)

With its 66,000 staff worldwide, Swissport handles 282 million passengers and 4.8 million tons of cargo yearly, making it a very important hyperlink within the world aviation journey business chain.

As such, whereas the cyberattack on Swissport was “largely contained” with techniques fully cleaned and restored, questions stay as to what occurs to delicate knowledge that menace actors could have gotten their arms on.

BlackCat emerged after BlackMatter’s shut down

Dubbed the “most sophisticated” ransomware group of 2021, BlackCat ransomware group emerged after BlackMatter’s shut down by law enforcement.

This month, BlackCat members confirmed they’re certainly linked to the BlackMatter/DarkSide operation.

Whereas the ransomware gang calls themselves ALPHV, safety researcher MalwareHunterTeam beforehand named the ransomware BlackCat after the group used the picture of a black cat on each sufferer’s Tor fee web page. Since then, the ransomware operation has been referred to as BlackCat when mentioned within the media or by safety researchers.

BleepingComputer is conscious of a number of victims focused by this ransomware gang since November 2021 from quite a few nations, together with the USA, Australia, and India.

Ransom calls for usually vary between $400,000 to $3 million payable in Bitcoin or Monero. Victims paying in bitcoin incur a further 15% payment on high of the demanded ransom.

As a further extortion methodology, the BlackCat menace actors threaten to DDoS victims till they pay a ransom.

General, it is a extremely refined ransomware operation with the menace actors clearly contemplating all facets of assaults.

Source link

Load More Related Articles
Load More By admin
Load More In Monero
Comments are closed.

Check Also

Bitcoin vs Ethereum – Forbes Advisor UK – Forbes

Bitcoin and Ethereum are the Coca-Cola and Pepsi of the cryptocurrency house. Because the …