A new ransomware is reportedly stealing users' data and documents and encrypting various companies' devices. The hackers behind this ransomware then demand hefty amounts of money to release the computers and files they have encrypted. This is the BlackByte ransomware and it is back with version 2.0 that has new extortion techniques borrowed from LockBit. The ransomware steals data and and the blackmailers then demand hefty amounts to decrypt files and not leak data. It is promoting a new data leak site on hacker forums and through Twitter accounts. As reported by Bleeping Computer, It is not clear if the ransomware encryptor has changed but the gang has launched a brand new Tor data leak site.
The report says that the data leak site only has one victim as of now, however, the new extortion strategies force victims to pay nearly $5000 to extend the timeline by 24 hours or face prospect of their data being leaked. They charge $200,000 to $300,000, but these prices may change depending on the size/revenue of the victim.
Here's all you need to know about this newly found ransomware
What is Black Byte 2.0 ransomware?
BlackByte 2.0 ransomware is the rebrand of the older BlackByte ransomware operation launched in the summer of 2021. It steals Corporate data and documents before encrypting a device and demands a wholesome amount to not leak data. It slowly leaks data for each victim to try and pressure them into paying a ransom.
How does BlackByte ransomware work?
According to a cybersecurity intelligence firm KELA, the threat actors breach networks using vulnerabilities. In the past, they had breached Microsoft Exchange servers using the ProxyShell attack chain.
Read more on tech.hindustantimes.com