website used by hackers responsible for a breach at UnitedHealth Group (UNH.N), opens new tab has been replaced by a notice saying it has been seized by international law enforcement.
But at least one of the agencies allegedly responsible said it had nothing to do with the seizure, raising the possibility that the hackers - who also go by the moniker ALPHV - faked their own takedown.
A message posted to the website of the Blackcat hacking gang on Tuesday said it had been impounded "as part of a coordinated law enforcement action" by U.S. authorities and other law enforcement agencies. Among the logos of non-American agencies involved were those of Europol and Britain's National Crime Agency.
Developing: Someone claiming to be an “affiliate plus” for AlphV claims they were responsible for the Change Healthcare attack but that AlphV stole the payment Change Healthcare had made and suspended the affiliate’s account.
The affiliate’s claims appeared on Ramp Forum and have been circulating since then. The post can be seen below, via @vx-underground:
The BlackCat ransomware gang is pulling an exit scam, trying to shut down and run off with affiliates' money by pretending the FBI seized their site and infrastructure.
Hackers operating from Ukraine’s Main Intelligence Directorate (GUR) have claimed another scalp; the Russian Ministry of Defense (MoD).
The GUR, part of Kyiv’s Ministry of Defense, said a “special operation” enabled it to breach the servers of the Russian MoD (Minoborony) to obtain sensitive documents.
These included orders and reports apparently circulated among over 2000 structural units of the ministry.
Discover vulnerable FortiGate firewalls with the Bishop Fox CVE-2024-21762 vulnerability scanner. Learn more here!
Kandji threat analysis reveals how the AMOS macOS stealer constantly changes its hash signatures while maintaining its functionality.
