Uptime Hamster: 0d 0h 0mDeploy: 5 Jul 2026 10:25Updated: 2026-07-10
Logo del actor de amenaza BlackCat

BlackCat

1 incidentes 1 paises 1 sectores ransomware RU Ultimo: 2026-06-18
Aliases: AlphaVM, Noberus, ALPHV, se relaciona con identificadores de Microsoft como DEV-0237, DEV-0504
Ver en IntelTracker → APTTrail →
BlackCat, also known as ALPHV or Noberus, emerged in mid-November 2021 as a sophisticated Ransomware-as-a-Service (RaaS) operation, succeeding groups like DarkSide and BlackMatter. The group, assessed with moderate confidence to be of Russian-speaking origin and likely based in a Commonwealth of Independent States (CIS) country, is financially motivated. BlackCat notably differentiates itself by being the first major ransomware written in the Rust programming language, which enables cross-platform compatibility and evasion of some traditional security detections. The group also pioneered establishing a public data leak site on the open internet, not just the dark web, to exert additional pressure on victims. Their extortion model often extends to triple extortion, incorporating Distributed Denial-of-Service (DDoS) attacks alongside data encryption and public data leaks. BlackCat offers high payouts, typically 80-90% of ransoms, to its affiliates, distinguishing its business model withi

Aliases del actor

AlphaVMNoberusALPHVse relaciona con identificadores de Microsoft como DEV-0237DEV-0504

Actores similares

devmanransomware · 184Network Devicesactor · 1Compromise Software Dependencies and Development Toolsactor · 1Device Driver Discoveryactor · 1CS FQL: 32. Detect Data Exfiltration via external storage devicesactor · 1dev-0322actor · 1dev-0343actor · 1weredevilsactor · 1DEV-0147apt · 0DEV-0586apt · 0

Canales, DLS e infraestructura asociada

Clasificacion automatica desde IntelTracker/APTTrail/OSINT. Estado real solo si viene indicado por la fuente.

TipoEstadoHost / enlaceTitle / ultimo titulo
Repositoriounknowngithub.comBlackCat
DLS / leak siteunknownraw.githubusercontent.comBlackCat
DLS / leak siteunknownwww.crowdstrike.comBlackCat
DLS / leak siteunknownwww.bleepingcomputer.comBlackCat
DLS / leak siteunknowntherecord.mediaBlackCat
DLS / leak siteunknownwww.blackberry.comBlackCat
DLS / leak siteunknowngo.kaspersky.comBlackCat
DLS / leak siteunknownwww.trendmicro.comBlackCat
CVEs relacionadas
CVE-2025-50168, CVE-2025-11953, CVE-2025-11833, CVE-2024-37085, CVE-2021-35464, CVE-2021-34523
Victimas
0
TTPs unicas
0
Info robada historica
N/D
Rescates reclamados
N/D
Pagos detectados
N/D

Paises afectados

United Kingdom (1)

Paises objetivo (SOCRadar)

United Arab EmiratesAlbaniaAngolaArgentinaAustriaAustraliaArubaAzerbaijanBosnia and HerzegovinaBangladesh

Sectores atacados

Media (1)

Sectores objetivo (SOCRadar)

Construction of BuildingsFood ManufacturingOther Information ServicesRail TransportationSoftware PublishersTransit and Ground Passenger TransportationReal EstateHospitalsTransportation Equipment ManufacturingWaste Management and Remediation Services

URLs nuevas detectadas en IntelTracker

github.com raw.githubusercontent.com