Payments Giant NCR Hit by Ransomware
US payments giant NCR has confirmed being targeted in a ransomware attack for which the BlackCat/Alphv group has taken credit. Cybersecurity researcher Dominic Alvieri noticed on April 15 that the ransomware group known as BlackCat, Alphv and Noberus took credit for the attack on its Tor-based leak website, but the post was quickly removed by the hackers. NCR first reported investigating an “issue” related to its Aloha restaurant point-of-sale (PoS) product on April 12. The hackers claimed they did not steal any actual NCR data, but they did obtain “a lot of credentials” that can be used to access NCR customer networks. The removal of the post naming NCR from BlackCat’s leak website suggests that negotiations have started and the cybercriminals are hoping to get paid. SecurityWeek has reached out to the company to find out if it plans on paying a ransom. Malware: BlackCat(Linux), BlackCat, ALPHV, BlackCat(Windows), DarkSide(Windows), Darkside, Blackmatter, BlackMatter(Linux), BlackMatter(Windows), DarkSide(Linux), CobaltStrike [View Article](https://www.securityweek.com/payments-giant-ncr-hit-by-ransomware/)