ALPHV Targets Builcore Next

By Miklos Zoltan . 14 January 2024

Founder - Privacy Affairs

Fact-checked by Alex Popa

ALPHV recently published evidence of their hit against Builcore, a US-based general contractor and remodeling firm from Miami, FL. According to the attacker’s statements, 250GB of data were stolen and encrypted.

  • ALPHV’s public announcement also stated that Builcore refused to pay the ransom.
  • As a result, they will publish the stolen data within a 2-week period.
  • Builcore has refused to comment on the recent breach, but it is presumed that they resumed their normal operations.
  • As is normal with most ransomware actors, ALPHV also chose to shame Builcore publicly for their decision not to pay.

ALPHV is a group with history, as it first emerged back in 2021 and immediately became a main focal point for the FBI. The group has been fairly active ever since, usually targeting small and medium-sized companies.

However, they also breached major actors, as was the case with the September 2023 attack against MGM Resorts International and Caesars Entertainment in Las Vegas. In that case, Caesars paid a $15 million ransom, while MGM refused.

Tweet showing the ALPHV attack on Builcore
https://twitter.com/FalconFeedsio/status/1746094738632061192

Instead, MGM opted to shut down its systems for several weeks until they managed to restore them and resume their operations. This decision proved to be very financially costly for MGM anyway.

Who Is ALPHV?

Despite being active since November of 2021 and being involved in numerous hits, experts are still no closer to discovering the group’s identity and internal structure. However, some links have been found between ALPHV and other hacking groups.

The FBI published evidence that several identified ALPHV developers had ties with DarkSide and BlackMatter, two extinct ransomware-as-a-service (RaaS) groups.

The common theory is that ALPHV was born out of several groups, including REvil, although only circumstantial evidence has been found, nothing conclusive. No matter its origins, one thing remains certain: ALPHV is extremely efficient and competent.

While not all victims pay the ransom, ALPHV’s success at breaching their defenses is still impressive and suggests that the group is highly capable and very well funded. Some of the money comes from the ransoms themselves, but that’s not the whole picture.

The FBI conducted multi-layered investigations in 2022 and discovered that some of ALPHV’s actors were known money-laundering criminals. This suggests powerful individuals at the helm who use ALPHV as a tool for masking their operations.

ALPHV is responsible for numerous attacks on high-profile companies, including one on Reddit in June of 2023. By May of 2023, the organization had been credited with over 350 successful hits.
