The Cat's Out of the Bag: BlackCat's New Toy, Munchkin

By TFH

Published on Oct 21, 2023

Summary

The BlackCat ransomware gang has recently unveiled a new tool in their arsenal named "Munchkin." This utility facilitates the spread of the BlackCat payload to remote systems and shares within a victim's network. Over the past couple of years, the BlackCat ransomware operators have been refining their tools, aligning with their ransomware-as-a-service (RaaS) business model.

A significant finding from the Unit 42 researchers is a unique instance of Munchkin loaded in a custom Alpine virtual machine (VM). The use of a VM to deploy malware has been on the rise, as it allows ransomware actors to bypass security measures when deploying their malicious payloads. Let's dive into the mechanics of Munchkin and explore how it fits into BlackCat's broader strategy.

The Evolution of BlackCat

BlackCat ransomware has been around since November 2021 and has gained notoriety for its sophisticated malware techniques. The group operates on a Ransomware-as-a-Service (RaaS) model, allowing affiliates to use their tooling in exchange for a portion of the ransom payment. Initially focused on the United States, BlackCat has expanded its operations globally, targeting various industries.
