• Home
  • News
  • ALPHV Ransomware Attack on Execuzen

ALPHV Ransomware Group Attacks Execuzen Ltd. in a Brazen Data Breach

Alex Popa

By Alex Popa . 14 November 2023

Cybersecurity Journalist

Miklos Zoltan

Fact-Checked this

The Alpha Black Cat Team, also known as ALPHV, has just announced on their Telegram account that they’ve added Execuzen Ltd to their victim list.

  • The ransomware group claims to have stolen personal data, photos, and sensitive corporate info from Execuzen
  • They’ve threatened to go public with the information if Execuzen does not negotiate with them
  • Execuzen Ltd is a global search and consultancy firm with an estimated net worth of £6,858,494 or $8,533,537 USD in 2021
  • ALPHV is a ransomware-as-a-service business that appeared in 2021 and has worked with other ransomware families like REvil, Conti, and Lockit, and gained notoriety after attacking MGM Resorts International and Caesars Entertainment

ALPHV made this announcement on their official Telegram account, where they threatened Execuzen with publishing all the stolen data unless they negotiated with them.

Screenshot of a Telegram announcement by ALPHV about the Execuzen attack
Screenshot of a Telegram announcement by ALPHV about the Execuzen attack

The FBI claims that ALPHV has ties with the Darkside and Blackmatter ransomware cartels, which would indicate that ALPHV is well-respected in the RaaS business industry.

According to a Ransomlooker analysis, ALPHV was one of the most active ransomware gangs in the last 12 months, attacking a total of 317 organizations in the world.

Their collaboration with other known ransomware families like REvil, Contin, and LockBit is another worrying factor that adds to the infamy of ALPHV.

Execuzen Ltd, the newest victim, hasn’t made any statements yet, so we don’t know if they’ll pay a ransom or not.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

ALPHV History of Attacks

ALPHV gained notoriety after partnering with the Scattered Spider hacker group, a relatively new hacker group that appeared in May 2022.

Together, they attacked two Las Vegas strip behemoths, MGM and Caesars. Caesars had to pay a ransom of millions of dollars, while MGM refused, instead having to temporarily shut down all its systems throughout all 31 resorts.

These two attacks were one of the highest-scale cyberattacks in history, and it’s quite certain that ALPHV took part in the attacks.

Not long after the attacks, a detailed description of the MGM attack appeared on ALPHV’s dark web blog.

ALPHV also attacked Dragos, a large cybersecurity service provider, claiming that they had data about its executive members because of a third-party data breach.

The company stated that they have not been contacted by the hackers nor have they received any ransomware demands.

ANOZR, another cybersecurity analyst, said that ALPHV has been responsible for around 12% of all ransomware attacks in 2022, clearly indicating that this is a very powerful and extensive network of hackers.

Their latest victim, Execuzen Ltd, is a major global search and consultancy firm, and previous attacks show that ALPHV is primarily motivated by financial reasons.

As of yet, Execuzen has not released any statement, so we don’t know what course of action they will choose.

Leave a Comment