The State Department announced on March 27 that it’s offering up to $10 million in reward money for information about individuals linked to the ALPHV BlackCat ransomware-as-a-service group.
UnitedHealth Group late last month confirmed that it was victimized by BlackCat in the ransomware attack on its Change Healthcare unit that paralyzed billing services for providers of prescriptions and other services nationwide.
The ransomware group first deployed its services in 2021, and its members have “developed and maintained” ransomware and recruited affiliates to deploy it since then, the State Department said.
“ALPHV BlackCat operated as a ransomware-as-a-service business model in which the group’s members developed and maintained the ransomware variant and then recruited affiliates to deploy the ransomware. ALPHV BlackCat and its affiliates then shared any paid ransoms,” the State Department said in a statement.
The ALPHV BlackCat ransomware-as-a-service group compromised computer networks of critical infrastructure sectors in the United States, deploying ransomware on the targeted systems, “disabling security features within the victim’s network, stealing sensitive confidential information, demanding payment to restore access, and threatening to publicize the stolen data if victims do not pay a ransom,” the agency said.
The department’s Rewards for Justice program — which is administering the reward — specifically wants information that would lead to the “identification or location of anyone who engaged in the malicious cyber activities against U.S. infrastructure on behalf of a foreign government” in violation of the Computer Fraud and Abuse Act.
