FBI: BlackByte ransomware breached US critical infrastructure
The US Federal Bureau of Investigation revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months.
"As of November 2021, BlackByte ransomware had compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure sectors," the federal law enforcement agency said [PDF].
"BlackByte is a Ransomware as a Service group that encrypts files on compromised Windows host systems, including physical and virtual servers."
The IOCs associated with BlackByte activity shared in the advisory include MD5 hashes of suspicious ASPX files discovered on compromised Microsoft Internet Information Services servers and a list of commands the ransomware operators used during attacks.
The BlackByte ransomware operation has been active since at least July 2021, when it started targeting corporate victims worldwide.
In October, cybersecurity firm Trustwave created and released a free BlackByte decryptor, enabling some victims to restore their files for free after the ransomware gang used the same decryption/encryption key in multiple attacks.