BlackByte ransomware gang returns with new extortion tactics

The BlackByte ransomware is back with new extortion tactics, which are included in an updated version 2.0. The gang has launched a new Tor data leak site which include one victim.

The data leak website offers new extortion strategies that allow victims to pay $5,000 to extend the release of their data by 24 hours, download the data for $200,000, or destroy all data for $300,000.

Prices are expected to change according to the size and income of the victim. The aim of these new extortion techniques is to enable victims to pay to delete their data and other threat actors to buy it if they so wish.

After carefully examining the new BlackByte data leak website, cybersecurity intelligence firm KELA said the site did not properly embed the Bitcoin and Monero addresses that “customers” can use to purchase or delete the data.

BlackByte is a ransomware operation launched in the summer of 2021. Attackers broke into corporate networks, including Microsoft Exchange servers. According to the FBI and Secret Service, the attackers target critical infrastructure sectors such as government institutions, the financial and food industries, and agriculture. The aim of the attacks is to steal data and encrypt devices using vulnerabilities.

The sources for this piece include an article in BleepingComputer.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web