The U.S. State Department on Wednesday offered up to $10 million for information on the "Blackcat" ransomware gang who hit the UnitedHealth Group's tech unit and snarled insurance payments across America.
"The ALPHV Blackcat ransomware-as-a-service group compromised computer networks of critical infrastructure sectors in the United States and worldwide," the department said in a statement announcing the reward offer.
website used by hackers responsible for a breach at UnitedHealth Group (UNH.N), opens new tab has been replaced by a notice saying it has been seized by international law enforcement.
But at least one of the agencies allegedly responsible said it had nothing to do with the seizure, raising the possibility that the hackers - who also go by the moniker ALPHV - faked their own takedown.
A message posted to the website of the Blackcat hacking gang on Tuesday said it had been impounded "as part of a coordinated law enforcement action" by U.S. authorities and other law enforcement agencies. Among the logos of non-American agencies involved were those of Europol and Britain's National Crime Agency.
Developing: Someone claiming to be an “affiliate plus” for AlphV claims they were responsible for the Change Healthcare attack but that AlphV stole the payment Change Healthcare had made and suspended the affiliate’s account.
The affiliate’s claims appeared on Ramp Forum and have been circulating since then. The post can be seen below, via @vx-underground:
Le site vitrine de la franchise Alphv/BlackCat affiche désormais un message indiquant qu’il a été saisi par les autorités. Mais une vitrine alternative est en ligne, mais le coup est très sérieux.
The Justice Department announced today a disruption campaign against the Blackcat ransomware group — also known as ALPHV or Noberus — that has targeted the computer networks of more than 1,000 victims and caused harm around the world since its inception, including networks that support U.S. critical infrastructure.