Skip to main content
Skip to main content
Microsoft Security Intelligence
Published Dec 07, 2006 | Updated Apr 04, 2023

DDoS:Win32/Blackcat

Detected by Microsoft Defender Antivirus

Aliases: No associated aliases

Summary

BlackCat ransomware, also known as ALPHV, was first observed in November 2021. It operates as a ransomware as a service (RaaS), where affiliates pay for software that enables them to launch ransomware attacks.

BlackCat ransomware operators allow affiliates to customize payloads, giving them the opportunity to target different operating systems (Windows and Linux) and corporate environments. The ransomware is written in the Rust programming language, which presents a challenge for traditional security solutions to analyze binaries generated by it.

Learn about how this threat can be used in an attack:

If you have cloud-delivered protection, your device gets the latest defenses against new and unknown threats. If you don't have this feature enabled, update your antimalware definitions and run a full scan to remove this threat.

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

Follow us