BlackByte Ransomware Breaches U.S. Critical Infrastructure

Share post:

The Federal Bureau of Investigation (FBI) revealed that the BlackByte ransomware gang broke through the networks of three U.S. organizations operating in critical infrastructure sectors.

The breach, which began three months ago, was revealed in a TLP:WHITE joint cybersecurity advisory released recently in partnership with the U.S. Secret Service.

“BlackByte is a Ransomware as a Service (RaaS) group that encrypts files on compromised Windows host systems, including physical and virtual servers.”

The advisory centers on providing indicators of compromise (IOCs) that organizations can use to detect and defend BlackBytes attacks.

The BlackByte ransomware gang has been active since July 2021 and mainly targets corporate victims globally.

The gang is also notorious for exploiting software vulnerabilities such as Microsoft Exchange Server to gain access to the network of their attacks.

In October, the cybersecurity firm Trustwave developed and launched a free BlackByte decryptor, which enabled some victims to restore their files for free, after the ransomware gang had used the same decryption/encryption key in various attacks.

The two agencies also shared some measures that can help administrators mitigate BlackByte violations.

For more information, read the original story in BleepingComputer.



Related articles

Cyber Security Today, March 22, 2023 – ChatGPT4 is out, poorly-protected Linux servers are exploited, and more

ChatGPT4 is out, poorly-protected Linux servers are exploited, and more. Welcome to Cyber Security Today. It’s Wednesday, March 22nd, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for and in the U.S. The new version of ChatGPT has been released. But if you were hoping that version 4 has made this tool safer

Only 9 per cent of Canadian firms are cyber mature: Cisco report

Only 15 per cent of companies around the world would have a mature cyber readiness, according to survey

Ferrari notifies customers of ransom demand

Exclusive car maker says some client contact information exposed in cy

Government backs down on document demand from Google, Facebook

Change meets criticism that demand for external communications is an invasion

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways