Indicators of Compromise Associated with BlackByte Ransomware

From a newly released Joint Cybersecurity Advisory:

SUMMARY
This joint Cybersecurity Advisory was developed by the Federal Bureau of Investigation (FBI) and the U.S. Secret Service (USSS) to provide information on BlackByte ransomware. As of November 2021, BlackByte ransomware had compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure sectors (government facilities, financial, and food & agriculture). BlackByte is a Ransomware as a Service (RaaS) group that encrypts files on compromised Windows host systems, including physical and virtual servers.

Download the 6-page technical details advisory from ic3.gov (pdf)

'Trickery and f...ery': Agency under fire over senior manager's 'serious' privacy breach
Software companies must be held liable for British economic security, say MPs
UK privacy regulator has seen ‘collapse in enforcement activity,’ rights coalition says
Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub
SEC Voluntarily Dismisses SolarWinds Litigation
Cyberattack disables Onsolve Code Red emergency alert system across St. Louis region (1)

Related: