By Raphael Satter and Christopher Bing
WASHINGTON (Reuters) - U.S. officials on Tuesday seized digital extortion websites associated with the notorious “Blackcat” ransomware gang, sparking a threat from the hackers to escalate their attacks.
Blackcat – also known as ALPHV or Noberus – is accused of working with the prolific hacking gang known as “Scattered Spider,” which has terrorized major businesses including MGM Resorts International and Caesars Entertainment.
The Justice Department said in a statement that it had “gained visibility into the Blackcat ransomware group’s computer network” and seized several websites used by the group, as well as hundreds of cryptographic keys that could be deployed to help rescue up to 500 hacking victims.
There was no mention of arrests or of action against Scattered Spider, a group believed by security researchers to be composed at least in part of young, native English speakers mainly from Western countries. The group has acted as the sharp end of the spear for Blackcat, seeding data-scrambling software on victims’ devices which can typically only be removed following a massive ransom payment.
A Justice Department spokesperson declined to offer further comment, citing an ongoing investigation.
Some private sector analysts described the takedown as significant. Charles Carmakal, an executive with Alphabet’s Mandiant cybersecurity unit, said it was “a huge win for law enforcement and the community.”
Others said it was only a matter of time before the hackers would regroup.
“Disruption will very likely only result in a temporary suppression of the threat,” said Daniel Curtis, an analyst with cloud security company ZeroFox Holdings.
The hackers themselves promised to retaliate by extorting critical infrastructure providers and hospitals, according to screenshots of their threats captured by researchers at Dell Technologies’ Secureworks and elsewhere.
“The group obviously now has an enormous reputation issue having been infiltrated by law enforcement,” Secureworks researcher Keith Jarvis said. “It feels like bluster.”
Reuters was unable to immediately contact the hackers for further comment.
(Reporting by Raphael Satter and Christopher Bing in Washington; Editing by Tomasz Janowski, Nick Zieminski and Matthew Lewis)