The ALPHV/BlackCat ransomware group has purportedly claimed two new victims: Verbraucherzentrale Hessen, a consumer advice center in Germany, and Electro Marteix, SL, a company based in Spain. The revelation of the ALPHV ransomware attack comes amidst a turbulent landscape of cyber threats, where ransomware attacks pose significant risks to businesses and organizations worldwide.
The Cyber Express team delved into the matter and confirmed that a cyberattack on Verbraucherzentrale Hessen did indeed occur.
Cyberattack on Verbraucherzentrale Hessen Confirmed
According to a notice posted on the official website of Verbraucherzentrale Hessen, the consumer advice center’s IT infrastructure fell victim to an attack on February 22, 2024. For a brief period, the center experienced limited accessibility, impacting telephones, advice hotlines, and online services.
However, prompt action restored most services, including email communication and website accessibility. Fortunately, data restoration efforts have been largely successful, thanks to the diligent work of IT security experts.
Translated from German to English, the notice on the official website of Verbraucherzentrale Hessen reads, “For a short time, the Hesse consumer center was therefore either unavailable or only accessible to a limited extent. All telephones and advice hotlines as well as the service telephone are now working again. E-mail communication is also possible again without restrictions. The website is accessible and the advice centers are open regularly. Personal consultations and online consultations will take place as planned. Most of the data on the server could be restored.”
The exact modus operandi of the hacker attack remains shrouded in mystery, but Verbraucherzentrale Hessen has assured the public of its commitment to data protection.
Notably, the center minimizes the storage of consumer data on its servers, further mitigating potential risks. Authorities, including the IT security office of the state of Hesse and the state data protection officer, have been notified, and a criminal complaint has been lodged with the Hesse police.
Despite the confirmation of the cyberattack, Verbraucherzentrale Hessen has refrained from disclosing the identity of the hacker group responsible. This reticence leaves questions unanswered and adds layers of uncertainty to the situation.
Doubts Cast on ALPHV Ransomware Claims
In contrast, a visit to the website of Electro Marteix, SL revealed no signs of foul play, casting doubt on ALPHV ransomware’s claim of targeting the Spanish company. However, given the confirmed cyberattack at Verbraucherzentrale Hessen, skepticism surrounds the veracity of the ransomware group’s assertions.
Efforts to verify the alleged cyberattack on Electro Marteix, SL are ongoing. Despite reaching out to company officials, no response has been forthcoming at the time of this report, leaving the claim unsubstantiated.
CISA, FBI, HHS Joint Efforts to Combat ALPHV Ransomware
In a timely response to the escalating ransomware threat, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS), yesterday unveiled a comprehensive update to the joint advisory, #StopRansomware: ALPHV Blackcat.
This updated advisory equips network defenders with critical insights, new indicators of compromise (IOCs), and tactics associated with the nefarious ALPHV Blackcat ransomware-as-a-service (RaaS) operation.
Notably, the ALPHV Blackcat ransomware campaign has intensified its targeting efforts, particularly focusing on critical infrastructure sectors, including healthcare institutions. Alarming trends uncovered in recent FBI investigations highlight the urgency of collective action within the cybersecurity community to combat this pervasive threat.
As the investigation into these cyberattacks continues, the veil of uncertainty surrounding the activities of the ALPHV ransomware group persists. With Verbraucherzentrale Hessen confirming the attack while ELECTRO MARTEIX, SL remains under scrutiny, the cybersecurity community remains vigilant.
The Cyber Express remains committed to delivering timely updates on this developing story. As new information emerges and the cybersecurity landscape evolves, we will keep our readers informed, providing insights into the ongoing efforts to combat ransomware and safeguard digital infrastructure.
Stay tuned for the latest information on this evolving cybersecurity threat.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
