The Black Cat ransomware group has claimed responsibility for a cyberattack on a Luxembourg-based power company.

On July 22 and 23, an attack on Encevo’s energy and gas rail line corporation in Luxembourg resulted in network intruders trying to exfiltrate data.

The connection to Black Cat, also known as ALPHV, was discovered after the group threatened to publish 180,000 stolen documents comprising 150GB unless a substantial amount was paid. Treaties, identity documents, debts and email accounts have all been reported among the stolen information.

Rebranding of the DarkSide Ransomware Group

ALPHV is the most recent rebranding of the DarkSide ransomware gang, which was responsible for the Colonial Pipeline attack in May 2021. It threatened a German gas supplier in November 2021 and attacked a Swiss port in February 2022.

According to Brett Callow, an Emsisoft risk analyst who tweeted ALPHV’s leak site post, the group is becoming more active and will soon be as active as the well-known and successful LockBit ransomware group.

ALPHV has caused significant problems in the year since its release in November 2021. It primarily affects large organizations and has targeted several critical infrastructure entities.

Role of a cybersecurity team

It is crucial to provide the security team with all the information, as they help prevent attacks and respond to cybersecurity incidents appropriately and quickly.

Collecting a complete overview of telemetry from multiple sources that connects the various indicators of compromise between the gang and the victim can help the security team solve the mystery automatically.

However, in this case, the security team does not have the accuracy required to recognize a threat and understand the entire attack campaign rather than just individual threats.

Key takeaways

Despite all the legislation and pressure, threat gangs do not appear to learn from experience: they continue to attack the critical infrastructure of companies.

However, threat actors try to avoid large American targets in favor of European entities such as Austrian states, Italian fashion chains and a Swiss airport service provider.