Select Page

The threat actors behind BlackCat ransomware have come up with an improved variant that prioritizes speed and stealth in an attempt to bypass security guardrails and achieve their goals.

The new version, dubbed Sphynx and announced in February 2023, packs a “number of updated capabilities that strengthen the group’s efforts to evade detection,” IBM Security X-Force said in a new analysis.

The “product” update was first highlighted by vx-underground in April 2023. Trend Micro, last month, detailed a Linux version of Sphynx that’s “focused primarily on its encryption routine.”

BlackCat, also called ALPHV and Noberus, is the first Rust-language-based ransomware strain spotted in the wild. Active since November 2021, it has emerged as a formidable ransomware actor, victimizing more than 350 targets as of May 2023.

images from Hacker News