The ALPHV Ransomware Gang Attacks RecordTV

The ALPHV ransomware gang has attacked RecordTV. On October 8th, RecordTV, a news channel in Brazil, experienced a cyber-attack that resulted in a complete network outage. The attackers stole the personal data of employees, network maps containing credentials for both local and remote services, and additional data. Cadu Safner initially reported the attack, revealing the severity of the situation on Twitter. "Employees are unable to perform live broadcasts. They have been released from work today. The situation is dire," stated the journalist.

Impact on RecordTV's Operations

ALPHV, also known as BlackCat, is a ransomware-as-a-service (RaaS) operation known for infecting numerous companies in the past. This cyber-attack forced the broadcaster to modify its schedule. The news program "Fala Brasil" was suspended at around 9 am, and alternative content was aired until 12 noon. Following the schedule adjustment, RecordTV aired episodes of the series "Todo Mundo Odeia o Chris," which is typically shown on Sunday mornings. By early afternoon, the television network had successfully resumed its regular programming.

ALPHV/BlackCat Ransomware Details

The company has not issued an official statement confirming or denying the incident. First observed in late 2021, ALPHV/BlackCat employs a well-developed RaaS platform that encrypts by way of an AES algorithm where the AES key is encrypted using an RSA public key. ALPHV/BlackCat has the ability to disable security tools and evade analysis.