The U.S. Department of Justice (DOJ) said that as part of a multi-national law enforcement operation, the FBI created a decryption tool that helped it return the data of more than 500 ransomware victims. The Justice Department also wrote that the bureau had seized "several websites" operated by the ALPHV/Blackcat ransomware gang.
However, BleepingComputer reported that by this afternoon, ALPHV/Blackcat claimed to have regained control of its website, and the FBI had only obtained decryption keys for more than 400 companies, leaving more than 3,000 victims whose data was still encrypted.
The gang also reportedly said it would no longer restrict affiliates using its ransomware from attacking critical infrastructure, including hospitals and nuclear power plants.
According to the Department of Justice, "Over the past 18 months, ALPHV/Blackcat has become the second most prolific ransomware-as-a-service variant in the world, based on hundreds of millions of dollars in ransom payments from victims worldwide." In its model, the gang is responsible for creating and updating ransomware, while affiliates find targets and launch attacks, and then they split the profits.
This summer, the gang also claimed responsibility for a Reddit hack, demanded $4.5 million for the return of data, and stole data from game publisher NamcoBandai. Towards the end of the summer, the gang claimed to have shut down several MGM Resorts casinos and hotels in Las Vegas, Nevada.