Advanced BlackCat Ransomware Using Triple Extortion Tactics and Signed Kernel Driver

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

The BlackCat ransomware operation is a highly sophisticated and customizable threat targeting corporate environments, featuring advanced encryption, spreading capabilities, and triple extortion tactics. It utilizes a signed kernel driver for defense evasion recently.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.