ZeroFox’s December 2023 ALPHV Targeting Report details ALPHV (BlackCat/Noberus) as one of the most active ransomware and digital extortion threats, responsible for about 10% of global R&DE incidents between 2022 and 2023. Using a Ransomware-as-a-Service model, affiliates exploit vulnerabilities, phishing, and Remote Desktop Protocol access to breach systems. ALPHV mainly targets North America, Europe, and APAC, focusing on manufacturing, healthcare, and financial services. Despite declining slightly due to new collectives like Akira and NoEscape, it remains a major threat. ALPHV employs Rust-based malware, double extortion tactics, and sophisticated evasion, encryption, and lateral movement techniques, maintaining high adaptability and operational impact.

Join for free to read