A new cyberattack was performed by the notorious ALPHV (aka BlackCat) ransomware gang after they claimed the attack against a European electricity and gas pipeline firm Creos Luxembourg S.A. As reported by the firm’s owner and operator, Encevo, the attack transpired last July 25.
The gas pipeline firm had not suffered operational disruptions, although the attack had temporarily halted online customer portals. According to the initial findings, the ransomware threat actors had hacked into Creos’ network to steal corporate data.
In the early stages of the incident investigation, the gas pipeline firm has yet to identify its scope. Customers and partners were asked to be patient until an update could be shared on Encevo’s dedicated cyberattack webpage.
As the analysis is still ongoing, the customers of the gas pipeline firm are advised to reset their user account credentials inside Creos and Encevo’s online portals.
On the other hand, the BlackCat ransomware group’s leak site had added Creos to their list of victims. Moreover, the group threatened to leak the gas pipeline firm’s 150GB of company data, consisting of 180,000 stolen files, including agreements, contracts, email messages, and bills.
The notorious ransomware gang, BlackCat, was also spotted with a new extortion site that allows visitors to search all stolen data from their long list of victims. This tactic aims to pressure the victims more into paying the ransom demands.
Moreover, the researchers also highlight the continuous attack strategy of the BlackCat ransomware gang, wherein they target high-profile organisations, often leading them to be under fire from law enforcement groups.
Previously, BlackCat was linked to the name of a dismantled ransomware group dubbed DarkSide, believing that they are its rebrand after being shut down by authorities due to a massive cyberattack incident against Colonial Pipeline in 2021.
Before becoming BlackCat, DarkSide was first renamed BlackMatter, which was also eventually hunted and shut down by authorities.
The relaunched name, ALPHV/BlackCat, made the group evade large organisations to protect themselves against being hunted down by the police. Though, it did not take long before the group returned to attack critical corporations, including this recent attack on Creos Luxembourg S.A.
