U.S. Offers Multi-Million Dollar Rewards for Information about ALPHV/Blackcat

 By Nataly Vovk | Threat Intelligence Analyst
 Published on February 19th, 2024

The U.S. Department of State offered a reward for information leading to the ALPHV/Blackcat ransomware group.

Key Takeaways

  • On February 15, 2024, the U.S. Department of State offered a reward of up to $10 million for details leading to ALPHV/Blackcat ransomware leaders and up to $5 million for information on those involved in ransomware attacks.
  • Over 1,000 entities worldwide have been compromised by ALPHV/Blackcat.
  • In December 2023, the FBI disrupted ALPHV’s operations by seizing their websites and releasing a decryption tool.
  • ALPHV has repeatedly targeted critical infrastructure, with a recent attack on Canada’s Trans-Northern Pipeline marking the fourth such incident in recent months.

On February 15, 2024, the U.S. Department of State announced a reward of up to $10 million for information leading to the identification or location of leaders of the Transnational Organized Crime (TOC) group behind the ALPHV/Blackcat ransomware and up to $5 million for information resulting in the arrest or conviction of individuals involved or attempting involvement in ransomware attacks using the ALPHV/Blackcat variant.

The State Department has also set up a specialized Tor SecureDrop server (he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion) for submitting information about ALPHV or other cyber criminals connected to the group.

Emerging in February 2022, ALPHV/BlackCat is considered to be a continuation of the DarkSide and BlackMatter ransomware groups. The gang has affected over 1,000 entities globally, and it is suspected that ALPHV is supported by Russia.

In December 2023, the FBI successfully dismantled ALPHV’s operations by seizing control of several websites operated by the group and releasing a decryption tool, which helped more than 500 victims worldwide recover their data without having to pay any ransom.

However, shortly after the Department of Justice announced the disruption of the gang’s operations, ALPHV claimed to have regained control of its domain and threatened to retaliate.

ALPHV has a history of targeting critical infrastructure. Recently, the group claimed responsibility for an attack on the operator of Canada’s Trans-Northern Pipelines, allegedly exfiltrating around 190GB of data.

This attack represents the fourth instance in recent months of ALPHV targeting critical infrastructure.
