reports that BlackByte ransomware has reappeared to promote a new Tor data leak site that features similar extortion techniques as the LockBit ransomware operation.
Threat actors behind BlackByte version 2.0 have already published one victim on its website, alongside novel extortion strategies including payments of $5,000, $200,000, and $300,000 for delaying publication, downloading, and destroying all stolen data, respectively.
However, BlackByte was observed by cybersecurity intelligence company KELA to have not included the proper cryptocurrency wallet addresses where victims could provide payments.
"The first rule of a ransomware gang is: if you aim to receive ransom, provide your wallet. Doesn't look like new #BlackByte is going to receive any payments..." said KELA in a tweet.
Since launching in the summer of 2021, BlackByte has launched attacks against the San Francisco 49ers
, as well as various critical infrastructure organizations. Microsoft Exchange servers have also been compromised by BlackByte through the ProxyShell vulnerabilities.