New ransomware called BlackCat is attacking Philippine-based organizations, according to the latest report of cybersecurity solutions firm Palo Alto Networks.
Targets are organizations in construction and engineering, retail, transportation, commercial services, insurance, machinery, professional services, telecommunication, auto components, and pharmaceutical sectors.
“BlackCat is a ransomware family coded in Rust programming language which has numerous native options and is highly customizable, making it easier for malware authors to pivot and individualize attacks,” Palo Alto Networks said in a media release. “By leveraging this programming language, ransomware attacks can be easily compiled against various operating system architectures of businesses.”
The ransomware family surfaced in mid-November 2021 and quickly gained notoriety for its sophistication and innovation. Operating in a ransomware-as-a-service (RaaS) business model, BlackCat was found soliciting affiliates in known cybercrime forums, offering to allow affiliates to leverage the ransomware and keep 80-90% of the ransom payment. The remainder would be paid to the BlackCat author.
Palo Alto Networks also reported that 94% of organizations across Southeast Asia, including the Philippines, experienced an increase in cybersecurity attacks. As BlackCat poses a new threat in the country, PANW urges companies to secure their networks with the following products and services: Cortex XDR and Nxt-Generation Firewalls (including cloud-delivered security subscriptions such as WildFire).