BlackCat hacker group breaches major consulting firm, Mazars Group

Mazars Group, a globally recognized auditing, accounting, and consulting services firm, has recently been featured on the ALPHV/BlackCat ransomware dark web blog, known as a platform for criminals to display their most recent targets.


According to the dark web blog of ALPHV/BlackCat, a ransomware syndicate with ties to Russia, Mazars Group has fallen victim to a significant data breach. The post on the group’s blog claims that the criminals successfully obtained over 700 GB of sensitive information, encompassing various documents such as agreements, financial records, and other confidential data.

BlackCat is a rapidly growing malicious actor, accounting for a notable 9.6% of RaaS attacks during the first quarter of 2022. ALPHV/BlackCat came online around 2021, with the group claiming responsibility for over 60 major cyberattacks since then. They operate as a ransomware-as-a-Service (RaaS) business. Similar to other groups, they sell malware subscriptions to other criminals. What sets them apart is their utilisation of the Rust Programming language, as noted in Microsoft’s analysis. This choice of language discloses their possible ties with other prominent ransomware families such as Conti, LockBit, and REvil.

The FBI has been investigating the financial activities of ALPHV/BlackCat, leading to connections with other ransomware gangs like Darkside and Blackmatter. This suggests that the group has an established network within the RaaS business, including money launderers. Their extensive involvement in the ransomware landscape has earned them a reputation as one of the most active gangs.