Ransomware, Threat Management, Critical Infrastructure Security, Governance, Risk and Compliance

BlackCat ransomware attacks mainly aimed at industrial firms

SecurityWeek reports that industrial companies are being increasingly targeted by the BlackCat ransomware-as-a-service group, also known as ALPHV or Noberus, which has targeted various organizations around the world since its emergence last November. Kaspersky researchers discovered that BlackCat had attacked a South American oil, gas, mining, and construction firm with a version of the data exfiltration tool Fendr, also known as ExMatter, which included more file types usually found in industrial environments. "These additional file extensions are used in industrial design applications, like CAD drawings and some databases, as well as RDP configuration settings, making the tool more customized towards the industrial environments that we see being targeted by this group," said Kaspersky, which also offered more information regarding the association of BlackCat with the BlackMatter hacking operation. The findings come after Claroty had reported about the rising prevalence of significant ransomware attacks against industrial control systems and other operational technology environments.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.