BleepingComputer reports that BlackByte ransomware has reappeared to promote a new Tor data leak site that features similar extortion techniques as the LockBit ransomware operation.
Threat actors behind BlackByte version 2.0 have already published one victim on its website, alongside novel extortion strategies including payments of $5,000, $200,000, and $300,000 for delaying publication, downloading, and destroying all stolen data, respectively.
However, BlackByte was observed by cybersecurity intelligence company KELA to have not included the proper cryptocurrency wallet addresses where victims could provide payments.
"The first rule of a ransomware gang is: if you aim to receive ransom, provide your wallet. Doesn't look like new #BlackByte is going to receive any payments..." said KELA in a tweet.
Since launching in the summer of 2021, BlackByte has launched attacks against the San Francisco 49ers, as well as various critical infrastructure organizations. Microsoft Exchange servers have also been compromised by BlackByte through the ProxyShell vulnerabilities.
Ransomware, Malware
Novel data extortion methods accompany BlackByte ransomware reemergence
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
AdwareYou can skip this ad in 5 seconds