Stacks of U.S. 100-dollar bills surround a logo of the U.S. Department of State, featuring an eagle with a shield, arrows, and olive branches. In the background, an abundance of money subtly underscores the importance of DOD investments and CMMC compliance in bolstering national cybersecurity.

For tips on the ALPHV ransomware gang, the US is willing to pay up to$ 15 million.

For information that could help identify or locate the leaders of the ALPHV/Blackcat ransomware gang, the U. S. State Department is offering rewards of up to$ 10 million.

To deter affiliates and initial access brokers, there is also a$ 5 million bounty available for tips on people attempting to participate in ALPHV ransomware attacks.

Between November 2021 and March 2022, the FBI linked this ransomware gang’s first four months of operation to more than 60 breaches across the globe.

According to the FBI, ALPHV has also collected ransom payments from over a thousand victims totaling at least$ 300 million as of September 2023.

According to the State Department, the ALPHV/Blackcat ransomware variant is being offered as a reward of up to$ 10,000 000 000 for information that can help identify or locate any member( s ) in the Transnational Organized Crime group.

Additionally, a reward of up to$ 500,000 is offered for information that leads to the arrest and/or conviction of anyone who conspires to use ALPHV/Blackcat ransomware or makes an attempt to do so in any nation.

More than$ 135 million has been paid for helpful tips since 1986 through the U.S. Transnational Organized Crime Rewards Program ( TOCRP ), which offers these rewards.

To submit tips on ALPHV and other wanted threat actors, the State Department has set up a dedicated Tor SecureDrop server.

State Department Secure Drop Tor page
BleepingComputer’s State Department Secure Drop Tor page

pipelines and ransomware

The DarkSide and BlackMatter ransomware operations are thought to have been rebranded when ALPHV first appeared in November 2021.

Following the Colonial Pipeline attack, the operation was shut down in May 2021 as a result of extensive legal investigations and the seizure of their infrastructure.

In November 2021, the gang re-emerged under the BlackMatter moniker, shut down once more, and then made a comeback in February 2022 as ALPHV/BlackCat.

Following the confirmation of a network breach in November 2023, ALPHV recently asserted another pipeline attack against Canada’s Trans-Northern Pipelines.

The U.S. government also announced rewards of up to$ 10 million in January for identifying the Hive ransomware gang’s leaders.

Up to$ 15 million in rewards for tips on <a href="https://www.bleepingcomputer.com/news/security/us-offers-10m-bounty-for-hive-ransomware-links-to-foreign-governments/” target=”_blank”>Hive, <a href="https://www.bleepingcomputer.com/news/security/us-govt-offers-10-million-bounty-for-info-on-clop-ransomware/” target=”_blank”>Clop, Conti], REvil ( Sodinokibi), and Darkside ransomware operations were previously announced by the State Department.

Skip to content