Find notable cyber news and cases, enriched with sources, timelines, and signals.

BlackCat (ALPHV) multi-victim ransomware extortion campaign against U.S. companies

Campaign
First reported
Last updated
Happening score
H score 53
2 unique sources, 2 articles

Summary

Hide ▲

Two former cybersecurity workers pleaded guilty for participation in a BlackCat (ALPHV) ransomware extortion campaign that hit multiple U.S. victims, showing how affiliate access and insider experience can scale criminal operations. The campaign ran from May 2023 to November 2023 and tied intrusions to a 20% share of ransoms for access to BlackCat's platform. Victims included companies in pharmaceuticals, engineering, medical devices, drones, and healthcare, and one victim paid $1.27 million after its servers were encrypted.

Related Happenings

Vect and TeamPCP industrialize ransomware through a supply-chain credential-theft alliance

Threat Actor Meta
H score67 First: 03.07.2026 14:30 Last: 03.07.2026 14:30 Sources 1

About this happening: **Vect** and **TeamPCP** formed a new **ransomware-as-a-service** partnership that combines **supply-chain credential theft** with extortion, expanding the risk of follow-on attac...

Conti campaign expands across multiple victims

Campaign
H score38 First: 12.06.2026 20:54 Last: 12.06.2026 20:54 Sources 1

About this happening: The **Conti ransomware operation** ran as a large-scale **2021-2022** extortion campaign that **stole data** and **encrypted devices** to pressure victims into paying **Bitcoin**....

Silent Ransom Group shifts from Conti-linked ransomware participation to standalone data-theft extortion

Threat Actor Meta
H score21 First: 07.06.2026 17:09 Last: 07.06.2026 17:09 Sources 1

About this happening: **Silent Ransom Group (UNC3753)** is a **standalone data-theft extortion** actor that has operated separately since **2022** after the **Conti** shutdown, using stolen data and le...

Silent Ransom Group US law firm IT impersonation campaign

Campaign
H score36 First: 29.05.2026 16:00 Last: 29.05.2026 16:00 Sources 1

About this happening: **Silent Ransom Group (SRG)**, also tracked as **UNC3753**, **Chatty Spider**, and **Luna Moth**, is running a **financially motivated data theft extortion campaign** against **do...

U.S. sentencing of Deniss Zolotarjovs in Karakurt ransomware case

Law Enforcement
H score39 First: 05.05.2026 13:13 Last: 05.05.2026 13:13 Sources 1

About this happening: **Deniss Zolotarjovs** was **sentenced to 8.5 years in prison** in the **United States** for serving as a **Karakurt ransomware** negotiator, resolving a cross-border cybercrime c...

Timeline

  1. 30.12.2025 17:25 3 articles · 6mo ago

    Former Sygnia and DigitalMint employees plead guilty in BlackCat extortion case

    Legal Policy Action Update

    Ryan Clifford Goldberg and Kevin Tyler Martin, both former employees of cybersecurity incident response firms, pleaded guilty to conspiracy to obstruct commerce by extortion for helping BlackCat (ALPHV) carry out ransomware attacks against U.S. companies; prosecutors say the affiliate group breached multiple victims across the United States in 2023, demanded ransoms ranging from $300,000 to $10 million, and in one case encrypted a Tampa medical device company's servers and received $1.27 million.

    Show sources