{"id":7321,"date":"2022-08-17T17:59:39","date_gmt":"2022-08-17T08:59:39","guid":{"rendered":"https:\/\/cyberenso.jp\/?p=7321"},"modified":"2022-10-13T18:08:12","modified_gmt":"2022-10-13T09:08:12","slug":"blackbyte-ransomware-gang-returns-with-new-extortion-tactics","status":"publish","type":"post","link":"https:\/\/cyberenso.jp\/en\/blackbyte-ransomware-gang-returns-with-new-extortion-tactics\/","title":{"rendered":"BlackByte ransomware gang returns with new extortion tactics"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

The BlackByte ransomware operation has returned with version 2.0 of their operation which introduces a new data leak site utilizing new extortion techniques borrowed from LockBit. Since their return, the BlackByte ransomware operation has been promoting a new data leak site on hacker forums and through Twitter accounts the threat actor seems to be controlling.<\/p>

At the time of writing, the new data leak site only includes one victim but it now has new extortion strategies that allow victims to pay to extend the publishing of their data by 24 hours or download the data or destroy all the data. Although KELA, a cybersecurity intelligence firm has pointed out that BlackByte’s new data leak site is not correctly embedding the Bitcoin and Monero addresses that their possible customers can use to purchase or delete the data, making these new features currently broken.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

The BlackByte ransomware operation has returned with version 2.0 of their operation which introduces a new data leak site utilizing new extortion techniques borrowed from LockBit. Since their return, the BlackByte ransomware operation has been promoting a new data leak site on hacker forums and through Twitter accounts the threat actor seems to be controlling. At the time of writing, [\u2026]<\/span><\/p>\n","protected":false},"author":1,"featured_media":7326,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12,9,2,8,1],"tags":[],"class_list":["post-7321","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-read_article","category-ransomware_criminals","category-ce_news","category-industry_sector","category-uncategorized"],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/cyberenso.jp\/wp-content\/uploads\/2022\/10\/Picture1-2.jpg?fit=1378%2C918&ssl=1","_links":{"self":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/7321"}],"collection":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/comments?post=7321"}],"version-history":[{"count":6,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/7321\/revisions"}],"predecessor-version":[{"id":7330,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/7321\/revisions\/7330"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media\/7326"}],"wp:attachment":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media?parent=7321"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/categories?post=7321"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/tags?post=7321"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}