
Russia gang claims it stole top-secret U.S. intelligence documents


Published: 21:49 GMT, 31 January 2024 | Updated: 21:50 GMT, 31 January 2024

A Russian ransomware gang allegedly infiltrated a technology company responsible for handling top-secret documents from US intelligence agencies, like the FBI.

The notorious group Blackcat, also known as ALPHV, is threatening to release the classified documents if the company, Technica, does not contact them soon.

Technica is a veteran-owned company that provides technology solutions to support the Federal Government’s mission to defend and protect America.

ALPHV claimed it stole 300 GB of documents that reportedly included Department of Defense contracts and the names, phone numbers and social security numbers of Technica employees. 

The Russian attack comes as the FBI director warned Wednesday that Chinese hackers are preparing ‘to wreak havoc’ in America.

Russian cybergang ALPHV reportedly stole 300 GB of top-secret and classified U.S. intelligence and FBI documents from Technica Corporation

Cybersecurity analyst and security researcher, Dominic Alvieri, confirmed Technica was hacked, and posted a screenshot of ALPHV’s confirmation on X with what appears to be a sample of 29 separate documents obtained by the cybergang.

The motive behind the alleged attack is unclear and it remains unknown if it is associated with the Kremlin. 

Technica works to ‘support the Federal Government and their mission to support, to defend and protect America’s citizens,’ according to its website, making the alleged breach all the more concerning.

‘Incidents like this shouldn’t be considered in isolation,’ Brett Callow, a threat analyst at the cybersecurity firm Emsisoft, told the Daily Dot.

‘Exfiltrated data can be combined with information obtained in other attacks and from other sources, so breaches can be more significant than they may seem.’ has reached out to Technica for comment. 

Russian ransomware group ALPHV says it will release the top-security documents to the public unless Technica Corp contacts it soon.

Last month, the FBI thought it had successfully shuttered ALPHV for good after a fight to seize the group’s dark web leak site, an operation that enabled more than 500 victims to restore their systems.

‘In disrupting the BlackCat ransomware group, the Justice Department has once again hacked the hackers,’ said U.S. Deputy Attorney General Lisa Monaco at the time.

‘We will continue to prioritize disruptions and place victims at the center of our strategy to dismantle the ecosystem fueling cybercrime,’ she added.

Yet only a day later, ALPHV claimed to have ‘unseized’ its website from the FBI, suggesting a continued battle for control over the site.

ALPHV has attacked numerous corporations in recent years, going so far as to hack casinos and shut down their databases, promising to release the systems only once it receives a large sum of money.

ALPHV has become the second-most prolific hacking group in the world, having targeted hundreds of computer networks.

When the FBI seized ALPHV’s site, it said in its search warrant that the ransomware group had attacked the networks of more than 1,000 victims, including ‘critical infrastructure entities, medical facilities, school districts, law firms, and financial firms’ around the world.

The U.S. Department of Justice said the global loss amount from ALPHV ransom attacks ‘is in the hundreds of millions and includes ransom payments, destruction and theft of proprietary data, and costs associated with incident response.’

FBI Director Christopher Wray told the U.S. House Select Committee that the U.S. is at risk from hackers from China’s communist party. He said the hackers will ‘wreak havoc’ and ‘cause real-world harm’ to Americans.

The alleged cyberattack comes as FBI Director Christopher Wray warned that hackers in China are preparing to ‘wreak havoc’ and will ‘cause real-world harm’ to Americans.

Wray testified before the House Select Committee on the Chinese Communist Party and called for action against the People’s Republic of China (PRC).

‘The PRC’s cyber onslaught goes way beyond prepositioning for future conflict,’ he said at the hearing.

‘Today, and literally every day, they’re actively attacking our economic security, engaging in wholesale theft of our innovation, and our personal and corporate data.’

Chinese hackers are allegedly targeting U.S. water treatment plants, electrical infrastructure, and oil and natural gas pipelines, Wray testified, adding that the PRC can destroy America, if and when it decides to attack.

The Chinese hackers are working ‘to find and prepare to destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous,’ Wray said.

‘And let’s be clear: Cyber threats to our critical infrastructure represent real-world threats to our physical safety.’
