Close

Get in Touch

Contact us to learn more about our elite cybersecurity services and industry-leading technologies.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Close
Breachquest

Emergency Incident Assistance

Is your network under attack? Get in touch with a
BreachQuest Specialist right away with this form.

You can also reach us by calling our 24/7 hotline.

+1 888 409 5811

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

You can also reach us by calling our 24/7 hotline.

+1 888 409 5811

BlackByte

BlackByte first launched its operation in July of 2021, breaching corporate networks to steal data and encrypt devices similar to other ransomware variants such as Lockbit 2.0. Since at least August 2021, the manufacturing, wholesale, retail, and legal services industries have been impacted by ransomware as a service (Raas). This ransomware operation had disappeared for a while but has now returned in 2022 with techniques utilized by LockBit and promoting its updated features such as their new data leak site. The group has been known to use phishing emails or exploit unpatched ProxyShell vulnerability in Microsoft Exchange Servers to gain the initial access into a system. The ransomware also tries to discourage victims from using the public decryptor, adding a warning message on their site and in ransom notes.

Go Back Go to Glossary index
Share this article:

Sign up for our newsletter to get more industry news and insights.

Related Resources

BlackByte ransomware gang is back with new extortion tactic

Learn more