FBI Announces Tool to Combat Ransomware of MGM Cyberattack Group

The Federal Bureau of Investigation has announced a tool that will disrupt the ransomware used in the recent cyberattack on MGM Resorts International.

The Federal Bureau of Investigation (FBI) announced it has created a tool that will unlock and recover computer systems disrupted by the ransomware that a shadowy Russia-based cyber-criminal operation called ALPHV or BlackCat used against MGM Resorts in September.

The new tool, created by a coalition of U.S. and European law enforcement agencies, has disrupted the ransomware operation, which uses malicious software to lock up victims’ computer networks and demand payment, according to the FBI and the U.S. Justice Department.

The department said it is releasing a decryption tool to help victims free their computer systems from the malicious software used by the group, one of the world’s largest cyber-criminal operations.

The ALPHV software disrupted the hotel and casino operations of MGM gaming properties across the U.S., shutting down computers used in registration, idling some slot machines and disabling room keys. The operator reported that the attack ultimately cost the company $100 million, though most was covered by insurance.

A similar attack was launched against Caesars Entertainment, which has been widely reported to have paid the ransom to the group to protect customer data.

ALPHV also has been deployed against multiple U.S. hospitals and local governments in the last year, Brett Callow, an analyst at the cybersecurity company Emsisoft, told NBC News.

ALPHV and the similar BlackCat software have contributed to the collection of more than $200 million in ransom payments since late 2021, a spokesperson for Chainalysis, a company that tracks cryptocurrency payments, told NBC.

The tool announced by the Justice Department seeks to counter both versions of the software. ALPHV’s website now displays a banner stating that it has been seized by law enforcement.