B0 Group

Description

B0 is a relatively obscure ransomware operation with very limited public reporting outside of leak-site monitoring. It appears to operate a data-extortion model, with a dedicated leak site on the Tor network and no confirmed use of encryption-based ransomware in documented incidents. The group has been listed in ransomware tracking services since at least mid-2024, but no major vendor reports describe its victimology, intrusion methods, encryption schemes, or specific targeting patterns. Its branding and operational style suggest a small, self-contained group rather than a large RaaS platform.

External Analysis
https://www.porthas.com/blog/b0-ransomware-decryption/
Mail
b0@mail2tor.co
Tox
E3B88B09D68CF0AE576BC843D000300ED939068E473D952FF7F1C1B2D2465D7D082117729A3B
URLs
http://bzsn5crutf7eiq5mlohn2n2lkaqcafp6tsr6g5b3y4rxbq4g32bg3uid.onion/
File servers
Chat servers
Admin servers