alphv attacks Calvetti Ferguson
Incident Date:
April 22, 2022
Overview
Title
alphv attacks Calvetti Ferguson
Victim
Calvetti Ferguson
Attacker
Alphv
Location
First Reported
April 22, 2022
Calvetti Ferguson Targeted by Alphv Ransomware Group
Calvetti Ferguson, a middle-market accounting and advisory firm, has been targeted by the Alphv ransomware group, as claimed on the group's dark web leak site. The company, which provides tax, assurance, advisory, technology advisory, and accounting services to businesses, high net worth families, and private equity firms, has been affected by the attack.
Company Profile
Calvetti Ferguson is a well-established firm with a strong reputation in the industry. They are known for their expertise in addressing complex corporate and partnership tax needs and streamlining business processes for growing companies.
Vulnerabilities
The specific vulnerabilities that led to the successful attack on Calvetti Ferguson are not detailed in the search results. However, it is known that Alphv ransomware is deployed as part of Ransomware as a Service (RaaS) operations and is written in the Rust programming language, supporting execution on Windows, Linux-based operating systems, and VMWare ESXi. Alphv can encrypt files using either the AES or ChaCha20 algorithms and can delete volume shadow copies, stop processes and services, and stop virtual machines on ESXi servers to maximize the amount of ransomed data.
Response and Mitigation
The search results do not provide information on the response from Calvetti Ferguson or any mitigation measures they have taken to address the ransomware attack.
Sources
- Calvetti Ferguson Website (Currently unavailable)
- Calvetti Ferguson - Accounting, Consulting, Advisory, Tax Compliance (CPAs and Advisors)
- Letter: A - Definitions.net
- Ransomware Posts - GitHub Pages
- alphv details - RansomLook
- Groups profiles - RansomLook
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.