BlackByte executable leaves a ransom note in all directories where encryption occurs.
Ransomware Found in Critical Infrastructure Sectors
SIM Swapping Attacks Growing: FBI
Embedded Devices Vulnerable to Ransomware Attacks
Russian Cyber Alert Misses Mark For OT
The ransom note includes the .onion site that contains instructions for paying the ransom and receiving a decryption key. Some victims reported the actors used a known Microsoft Exchange Server vulnerability as a means of gaining access to their networks.

Incidents Caused by this Malware

Threat Actors Known to use this Malware

No threat actors identified