What We Do
How We Do
Get Started

Decoding AlphV/BlackCat’s Ransomware Operations with Joe Stewart and Keegan Keplinger

About the Episode

The AlphV/BlackCat ransomware-as-a-service gang has been in the news lately thanks to the recent ransomware attack on Change Healthcare that resulted in widespread disruptions to healthcare services and allegedly resulted in the organization paying a $22 million ransom.

Shortly thereafter, an affiliate claimed that BlackCat cheated them out of their share of the $22 million dollar ransom. So, what's going on?

In this episode, Spence Hutchinson speaks with Joe Stewart and Keegan Keplinger all about AlphV/BlackCat's ransomware operations.

Key topics discussed include:

  • Who AlphV/BlackCat ransomware operators are and how they use malvertising to gain initial access
  • The ransomware attack on Change Healthcare
  • The validity of BlackCat claiming that the FBI has seized their Dark Web site and released a decryption tool
  • Signs that a ransomware-as-a-service group is rebranding or preparing an exit scam
Esentire cybertalks logo 2x


Joe Stewart, Principal Security Researcher,


Keegan Keplinger, Research and Reporting Lead,



Spence Hutchinson, Staff Threat Intelligence Researcher,


Want to listen to more podcasts from eSentire?

Get The Podcast