In an alert posted on Friday, the FBI and the Secret Service (USSS) warned that the ransomware gang had compromised multiple U.S. and foreign businesses, including “at least” three attacks against U.S. critical infrastructure, notably government facilities, financial services and in food and agriculture.
The FBI and USSS advisory states that BlackByte has been deployed in attacks on at least three U.S. critical infrastructure sectors, including government. Interestingly, no such organizations are listed on the gang’s leak site, which could indicate that those organizations paid, that no data was exfiltrated or that BlackByte chose not to release the exfiltrated data,” he said. “That final option is not unlikely: since the arrests of members of REvil, the gangs seem to have become more cautious about releasing data, and especially in the case of U.S. organizations.”
Callow said that while all signs suggest BlackByte is based in Russia, since the ransomware, like REvil, is coded not to encrypt the data of systems that use Russian or CIS-languages — that “shouldn’t be taken to mean the attack was carried out by individuals based in Russia or the CIS.”
For Assistance with IT Support and Service
MORE: Source: Techcrunch
