[ad_1]
The BlackCat ransomware group, aka ALPHV, has claimed accountability for the current cyber assault on Swissport that triggered flight delays and repair disruptions.
The €3 billion income agency, Swissport, has a presence throughout 310 airports in 50 international locations and gives cargo dealing with, upkeep, cleansing, and lounge hospitality providers.
BlackCat has now been seen by BleepingComputer to leak a minuscule set of terabytes of knowledge supposedly obtained from the current ransomware assault.
BlackCat begins leaking knowledge
As reported by BleepingComputer, the cargo and hospitality providers big had earlier disclosed a ransomware assault on its methods.
At present, BlackCat (ALPHV) ransomware group has posted a small set of pattern information that the group claims to have obtained from Swissport.
The menace actor has introduced they’re prepared to promote the complete 1.6 TB “knowledge dump” to a potential purchaser:
The information leak web page seen by BleepingComputer at the moment incorporates photographs of passports, inner enterprise memos, and what look like particulars of job candidates, corresponding to their:
- Full identify
- Passport Quantity
- Nationality
- Faith (Muslim or Non-Muslim indicator)
- E mail
- Telephone quantity
- Job position, interview scores, and different recruitment info
BleepingComputer has reached out to Swissport to raised perceive what this knowledge represents, notably the flag indicator recording the faith of the job candidates:
With its 66,000 staff worldwide, Swissport handles 282 million passengers and 4.8 million tons of cargo yearly, making it a important hyperlink within the international aviation journey trade chain.
As such, whereas the cyberattack on Swissport was “largely contained” with methods totally cleaned and restored, questions stay as to what occurs to delicate knowledge that menace actors might have gotten their fingers on.
BlackCat emerged after BlackMatter’s shut down
Dubbed the “most refined” ransomware group of 2021, BlackCat ransomware group emerged after BlackMatter’s shut down by legislation enforcement.
This month, BlackCat members confirmed they’re certainly linked to the BlackMatter/DarkSide operation.
Whereas the ransomware gang calls themselves ALPHV, safety researcher MalwareHunterTeam beforehand named the ransomware BlackCat after the group used the picture of a black cat on each sufferer’s Tor fee web page. Since then, the ransomware operation has been referred to as BlackCat when mentioned within the media or by safety researchers.
BleepingComputer is conscious of a number of victims focused by this ransomware gang since November 2021 from quite a few international locations, together with the USA, Australia, and India.
Ransom calls for usually vary between $400,000 to $3 million payable in Bitcoin or Monero. Victims paying in bitcoin incur a further 15% payment on high of the demanded ransom.
As a further extortion technique, the BlackCat menace actors threaten to DDoS victims till they pay a ransom.
General, it is a extremely refined ransomware operation with the menace actors clearly contemplating all elements of assaults.
[ad_2]
