BlackByte Ransomware is Back With New Version

The BlackByte ransomware has returned with version 2.0 of their operation.


New Variant 

The BlackByte ransomware has returned with version 2.0 of its operation, which includes a new data leak website that uses new extortion techniques taken from Lockbit. After disappearing for a while, the ransomware operation is now promoting the new data leak website on hacking platforms and via Twitter accounts the hacker controls.

The hackers call this new launch of their operation BlackByte version 2.0. It is currently unclear whether the ransomware encryptor has changed too, but the hacking group has launched a brand new Tor data leak website.

The data leak website currently lists only one target, but it now includes new extortion techniques that let victims pay to extend the duration of their data by one day ($5000), download the data ($200,000), or delete all the data ($300,000). The costs are likely to change depending on the size/earnings of the victim.

However, according to the cybersecurity intelligence agency KELA, BlackByte's latest data leak website does not correctly embed the Monero and Bitcoin addresses that users can use to buy or delete the data, which makes these features imperfect.

The aim of these latest extortion tricks is to let the victim pay to delete all their data and to let other hackers buy it if they want. Lockbit released these same extortion techniques with the launch of its 3.0 version, and they are seen more as a bluff than as viable extortion techniques.

What is BlackByte 

The BlackByte ransomware operation was launched last year, when the attackers started compromising corporate networks to steal data and encrypt devices.

Their highest-profile attack was against the NFL's 49ers. However, a joint advisory from the Secret Service and FBI said that they were also behind attacks on critical infrastructure systems, including financial institutions, government facilities, and the food and agriculture industries.

The hackers are known for breaching networks by exploiting vulnerabilities and have earlier compromised Microsoft Exchange servers via a ProxyShell attack chain.

Last year, a vulnerability was found in the operation that allowed the creation of a free BlackByte decryptor. Sadly, after the flaw was found, the hackers patched it.

 

