US Puts Up $10M Bounty on BlackCat Ransomware Gang Members

The US Department of State has announced it's putting a $10 million bounty up for information that can help law enforcement track down anyone who, on behalf of another nation, is launching cyberattacks against American infrastructure.

The Feds specifically called out the BlackCat/ALPHV ransomware-as-a-service operation, which provided support to the adversary who compromised Change Healthcare, wreaking havoc on the US healthcare system and racking up billions in damages.

While millions in bounty cash is liable to draw the attention of cybercriminals in a position to know all about the BlackCat operation, these Russian-speaking threat actors are believed to be operating well outside of US law enforcement jurisdiction.

"Much like the old Wild West, the bounty program would be effective if not for the protection racket enjoyed by this cybercrime crew and a rogue nation state," Tom Kellerman, senior vice president of cyber strategy at Contrast Security, said in an emailed statement in reaction to the news of the reward.