Common Information
Type | Value |
---|---|
Value | ALPHV Ransomware Group |
Category | Actor |
Type | Threat-Actor |
Misp Type | Cluster |
Description | ALPHA SPIDER is a threat actor known for developing and operating the Alphv ransomware as a service. They have been observed using novel offensive techniques, such as exploiting software vulnerabilities and leveraging legitimate administration tools for malicious activities. ALPHA SPIDER affiliates have demonstrated persistence in exfiltrating data and have shown the ability to bypass security measures like DNS-based filtering and multifactor authentication. Despite lacking specific operational security measures, defenders have opportunities to detect and respond to ALPHA SPIDER's operations effectively. |
Details | Type | Published | Attributes | Title | CTI | |
---|---|---|---|---|---|---|
Details | Website | 2023-09-15 | 1 | BlackCat/ALPHV reportedly encrypted more than 100 MGM ESXi hypervisors | ||
Details | Website | 2023-09-14 | 2 | Scattered Spider cybercrime group linked to MGM Resorts breach | ||
Details | Website | 2023-08-25 | 0 | Thousands have SSNs leaked after ransomware attack on Ohio state archive org | ||
Details | Website | 2023-08-22 | 0 | Ransomware Group Starts Leaking Data From Japanese Watchmaking Giant Seiko \| Antivirus and Security news | ||
Details | Website | 2023-08-03 | 0 | BlackCat Ransomware Group Claims Tempur Sealy Cyber Attack, Gains Access to General Counsel’s Data | ||
Details | Website | 2023-07-25 | 2 | Ransomware Attack on Interior Design Firm Hirsch Bedner Associates, 1TB of Sensitive Data Held Hostage | ||
Details | Website | 2023-07-19 | 0 | Estée Lauder Cyber Attack Claimed by ALPHV Ransomware Group, Cl0p Likely Involved | ||
Details | Website | 2023-07-19 | 0 | Estée Lauder takes down some systems following cyberattack | ||
Details | Website | 2023-07-17 | 105 | Picus Cyber Threat Intelligence Report June 2023: Key Threat Actors, Regions and Industries at Risk | ||
Details | Website | 2023-06-20 | 0 | CL0P's Shell Attack, Stolen Reddit Data, and New Edge Stealer | ||
Details | Website | 2023-06-13 | 1 | ALPHV Claims the Automatic Systems Ransomware Attack | ||
Details | Website | 2023-06-02 | 3 | CVE-2023-34362: MOVEIt Transfer Critical Zero-Day Vulnerability Exploited in the Wild | ||
Details | Website | 2023-05-30 | 0 | ALPHV Ransomware Group Hits BC Attorney: What’s With Law Firms and Cybersecurity? | ||
Details | Website | 2023-05-27 | 3 | The Week in Ransomware - May 26th 2023 - Cities Under Attack - RedPacket Security | ||
Details | Website | 2023-05-26 | 0 | Norton Healthcare Cyber Attack: ALPHV/BlackCat Posts Ransom Note | ||
Details | Website | 2023-05-23 | 3 | Malicious Windows kernel drivers used in BlackCat ransomware attacks - RedPacket Security | ||
Details | Website | 2023-05-22 | 11 | Threat Actor Profile: ALPHV Ransomware Group | ||
Details | Website | 2023-05-22 | 5 | Malicious Windows kernel drivers used in BlackCat ransomware attacks | ||
Details | Website | 2023-05-16 | 2 | 'MichaelKors' Showcases Ransomware's Fashionable VMware ESXi Hypervisor Trend | ||
Details | Website | 2023-05-15 | 0 | BlackCat Ransomware Claims Academy Mortgage Cyber Attack | ||
Details | Website | 2023-05-09 | 0 | ALPHV Ransomware Attacks Transformative Healthcare, Exposes Sensitive Data | ||
Details | Website | 2023-05-09 | 0 | This County in Massachusetts Subpoenaed 4 IT Employees For Ransomware Attack | ||
Details | Website | 2023-05-08 | 0 | Sun Pharma Cyber Attack Latest Update: ALPHV Ransomware Group Leaks Data | ||
Details | Website | 2023-05-05 | 0 | ALPHV Ransomware Group Claims the Constellation Software Cyber Attack | ||
Details | Website | 2023-05-03 | 1 | ALPHV ransomware adds Ambit India to its list of victims |