BlackByte Ransomware Attacks Target U.S. Critical Infrastructure
What’s in the advisory?
- According to a joint advisory released by the FBI and U.S. Secret Service, BlackByte has targeted various U.S. and foreign businesses in the last few months.
- Three of its victims belong to government facilities, financial, food and agriculture sectors.
- The advisory identifies BlackByte as a RaaS targeting Windows systems, both physical and virtual servers.
- It further provides technical details, IOCs, and mitigation steps to help organizations stay protected from the group’s attacks.
Attack tactics
Recent victims of BlackByte
- Just a few days ago, NFL’s San Francisco 49ers team was targeted by BlackByte. The attackers claim to have stolen their data and leaked 300MB files on their data leak blog.
- In December 2021, BlackByte’s campaign launched attacks against organizations exposed to ProxyShell flaws in Microsoft Exchange.
Conclusion
Commentaires récents