Following its almost week-long outage, the ALPHV ransomware group has brought its dark web leak site back online; however, not all is back to normal.
The leak site, as observed by Cyber Daily, is missing the entire database of its prior data breaches.
At the time of writing, the only listing present on the leak site claims to contain the data of business management consultant Advantage Group International.
ALPHV claims to have eight terabytes of data from Advantage Group International, with data from major clients including “Coca-Cola, Procter & Gamble, Pepsi, etc.”
“Since the company representatives fail to keep their promises in negotiations and continue to ignore us, the decision has been made to release a teaser, and in 72 hours, 100% of the data will be made public. Dear representatives, you still have a chance to avert a disaster,” it added.
Data reportedly includes contact details of those from “top world company”, non-disclosure agreements, legal cases, SSNs, DLs, all employee browser passwords and “many other documents that hold secrets for their clients”.
As serious as this latest attack may be, the elephant that is, or really isn’t, in the room is that all of ALPHV’s previous heists are now missing.
This includes some big-name victims, among them those caught up in the supply chain attack on Australian law firm HWL Ebsworth, which resulted in government agencies such as the Office of the Australian Information Commissioner (OAIC) and the big four banks suffering data breaches, just to name a few.
ALPHV’s site was downed last week on 7 December, and while the group had said it would be up shortly following the outage, it remained down for days.
While there is no confirmation on who brought down the leak site, many parties are speculating that law enforcement may have been involved.
One group called RedSense Intelligence published a post on X (formerly Twitter) saying it was able to confirm that law enforcement was responsible for the outage.
Today, RedSense can confirm that #ALPHV aka #BlackCat ransomware gang’s site has been taken down by law enforcement @4D435A pic.twitter.com/ydx5irW86N
— RedSense (@RedSenseIntel) December 8, 2023
While there is currently no concrete evidence to suggest that law enforcement is behind ALPHV’s site going down, prior law enforcement operations have resulted in similar outages, such as the FBI attacks on REvil and Hive.