On Monday the threat actor known as BlackByte announced, via twitter and other criminal forums, the availability of a new data leak site. Referring to itself as “BlackByte version 2.0,” this new site purports to allow victims to delay the publishing of data, download the data, or destroy the data. There is currently one victim listed on the site, and the prices listed for this victim are $5,000, $200,000, and $300,000, respectively.
BlackByte began their operations in 2021, targeting both corporate entities and critical infrastructure. Later that year, researchers from Trustwave released a decryptor for the ransomware, but BlackByte quickly adapted to reduce its effectiveness. Since then, there have been multiple variants of the ransomware seen in the wild.