top of page
Search

Exbyte: BlackByte Ransomware Attackers Deploy New Exfiltration Tool

Symantec’s Threat Hunter Team has discovered that at least one affiliate of the BlackByte ransomware (Ransom.Blackbyte) operation has begun using a custom data exfiltration tool during their attacks. The malware (Infostealer.Exbyte) is designed to expedite the theft of data from the victim’s network and upload it to an external server.




ADVERSARY: Hecamede



MALWARE FAMILIES: LockBit, Ryuk Stealer, BlackMatter, Symantec, BlackByte


ATT&CK IDS: T1083 - File and Directory Discovery, T1530 - Data from Cloud Storage Object


Read More:

3 views

Comments


Commenting has been turned off.
bottom of page