By Raphael Satter
WASHINGTON (Reuters) – U.S. officials say they have seized digital extortion websites associated with the notorious “Blackcat” ransomware gang and are helping dozens of victims recover their data.
Blackcat – also known as ALPHV or Noberus – is accused of working with the prolific hacking gang known as “Scattered Spider,” which has terrorized major businesses including MGM Resorts International and Caesars Entertainment.
In a statement published on Tuesday, the Justice Department said that it had “gained visibility into the Blackcat ransomware group’s computer network” and seized “several websites.”
There was no mention of arrests or of action against Scattered Spider, a group believed by security researchers to be composed at least in part of young, English-speaking hackers in the West. The group has acted as the sharp end of the spear for Blackcat, seeding data-scrambling software on victims’ devices which can typically only be removed following a massive ransom payment.
The Justice Department and the Federal Bureau of Investigation did not immediately return messages seeking additional detail about the seizure.
The statement said that the FBI had developed a decryption tool that could help up to 500 victims recover their data following the Blackcat seizure. It said that “to date, the FBI has worked with dozens of victims in the United States and internationally to implement this solution, saving multiple victims from ransom demands totaling approximately $68 million.”
(Reporting by Raphael Satter; Editing by Tomasz Janowski)