The Anatomy of a BlackCat (ALPHV) Attack
released on 2024-03-11 @ 04:54:49 PM
This report presents a real-life case study of a financial extortion attack by the BlackCat ransomware group against a victim company, as investigated and thwarted by Sygnia's Incident Response team. The attack involved initial access via a compromised third-party vendor, lateral movement using Cobalt Strike and other tools, massive data exfiltration, and extortion attempts via email. The threat actor's operations were disrupted due to immediate containment actions taken by the victim company.