Ransomware
BlackCat (ALPHV)
aka ALPHV · Noberus
One of the first major ransomware families written in Rust, a sophisticated RaaS behind the Change Healthcare attack before its 2024 exit scam.
BlackCat (ALPHV) was among the first professional ransomware families built in Rust, giving it a cross-platform encryptor for Windows, Linux and ESXi and strong evasion. Launched in late 2021 with lineage to DarkSide/BlackMatter, it ran a polished RaaS with triple extortion — encryption, data leaks, and DDoS — plus a searchable victim-data site.
Change Healthcare
BlackCat's affiliates were behind the 2024 Change Healthcare attack that disrupted US prescription processing for weeks. The campaign is tracked on Cyber Breaches.
Collapse
After an FBI infrastructure seizure in late 2023, BlackCat resurfaced briefly, then pulled an exit scam in 2024 — taking a large ransom and vanishing on its own affiliates. A Rust-encryptor teardown lives on the Reverse Engineering Hub.
Defense
Patch internet-facing services, enforce MFA, monitor ESXi hosts, and keep immutable backups.