ALPHV Reaches Saudi Arabia

Miklos Zoltan

By Miklos Zoltan . 3 January 2024

Founder - Privacy Affairs

Alex Popa

Fact-Checked this

ALPHV, also known as BlackCat or Noberus, attacked SAED International from Saudi Arabia, inflicting serious internal damages and financial losses. Confirmation of the attack came only recently, since the event took place on 27 of December, 2023.

  • ALPHV is a veteran of the ransomware game, by general standards, as the organization emerged as early as 2021
  • The group attacked numerous high-profile targets, including Reddit in 2023
  • This most recent attack remained unconfirmed for close to a week, the reason being that SAED International tried to hide the event from its clients to prevent panic to prevent even more significant financial losses

SAED International is an important actor in the Human Resources department with an impressive list of clients worldwide. These include names like Conrad Hotels, Schindler, Mednet, Intercontinental, Johnson Controls, and many others.

This, along with the company’s overall reputation and size, may explain the target on its back. ALPHV conducted an aggressive attack, circumventing the victim’s defenses and stealing important internal data.

Tweet showing the ALPHV attack on SAED International
https://twitter.com/FalconFeedsio/status/1742437936661254646

The organization’s operations were also impeded, rendering its website unreachable. The extent of the financial losses incurred by SAED International are unclear at the time of writing this article.

Despite the breach taking place on 27th of December last year, ALPHV itself only published evidence of the attack on 2nd of January, 2024.

Who Is ALPHV?

ALPHV is an aggressive cybergang with deep connections within the cyber-criminal world. The organization often operates alone and targets highly reputed targets, but often collaborates with other cyber-criminal organizations as well.

The actual origins of the organization are still only theoretical. While ALPHV has been active for more than 2 years at this point, little is known by its actual composition and roots. Following its emergence in November of 2021, the FBI immediately took notice.

FBI released an advisory in April of the following year, showing that BlackCat had connections with 2 other, now defunct, organizations: DarkSide and BlackMatter. This showed that ALPHV is pretty much a recycled entity.

FBI also cracked down on the group recently, as 19th of December 2023 came with bad news for ALPHV. FBI released evidence that it managed to seize multiple sites associated with the group and disrupt ALPHV’s operations.

Furthermore, FBI specialists managed to release a decryption tool that victims can use to recover their data and regain control over their systems. You can read more about the aftermath of the attack on BlackCat here!

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment