Parsing: enabled
Description
Blackout surfaced in February 2024 and operates using a double-extortion model. Targets span sectors like healthcare, mining, telecommunications, and food & beverage—in countries including France, Canada, Mexico, Croatia, and Spain. This ransomware employs conventional cryptographic techniques (details unspecified), appends a custom extension to encrypted files, and presents victims with ransom demands via a Tor-based leak/negotiation site. The operation runs as a crypto-ransomware and data broker, combining extortion with data publication threats.
External Analysis1
| External Analysis |
|---|
| https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/blackout |
Telegram1
| Telegram |
|---|
| https://t.me/blackout_supp |
Tox1
| Tox |
|---|
| 36A73D90C66948D9268BDC4174A40E0064C43F10A35AEAA9DD74B3A14EF5654872D5DC67FC14 |
Urls1
| Url | ||||
|---|---|---|---|---|
| http://black3gnkizshuynieigw6ejgpblb53mpasftzd6pydqpmq2vn2xf6yd.onion | Up |
|
File servers8
| Url | ||||
|---|---|---|---|---|
| http://4qyjonpyksc52bc3fsgfgedssqgo4a6vlfsjknqnkncbyl4layqkqjid.onion/ | Up |
|
||
| http://ao5oo2luy6avdfomyw7hcegmfl4let2g5bzjqjzch6b5rpdshmuvccad.onion | Down |
|
||
| http://urey23jtg6z7xx3tiybmc4sgcim7dawiz2abl6crpup2lfobf7yb5wyd.onion | Up |
|
||
| http://mu6se7h7qfwuqclr4cc6zy7qevod6gyk37aq5vwnayrtbx3qqycx2fyd.onion | Up |
|
||
| http://eleav2eq3ioyiuevbyvqaz3vruwvpislphszo4cm7n56itbpnupxngyd.onion | Up |
|
||
| http://2cyxmof76rxeqze5snxxooqmhzjtcploqswxoxmenfayphumdhrtrzqd.onion | Up |
|
||
| http://rqqn25k3hgmfkh7ykjbmakjgidwweomr7cbpy6pfecpxs57r5iwzwtyd.onion | Up |
|
||
| http://idep6vd7ywl7uruhsutqjdnjawe33hct35523rrmf73kb46xrhfb5sid.onion/ | Up |
|
Activity (interactive) 12
Posts12
| Date | Title | Description | Screen |
|---|---|---|---|
| en.yofc.com | Yangtze Optical Fibre and Cable (YOFC) is a leading global supplier of op...2 |
|
|
| www.miatech.net | Miatech is a US-based company that provides passenger travel services for...20 |
|
|
| yano.tokyo | Yano Electronics Ltd. is a company in the field of microelectronics, we p...19 | ||
| nedamaritime.gr | Neda Maritime is an independent shipping company that manages and operate...2 |
|
|
| cdc-biodiversite.fr | CDC Biodiversité is a French environmental protection company making tens...11 |
|
|
| antaeustravel.com | Antaeus Travel is a travel agency specializing in corporate and sea trave...6 |
|
|
| luzan5.com | luzan5.com is a small company in the healthcare consulting field, perhaps...20 |
|
|
| badel1862.hr | Badel 1862 is an alcoholic beverage manufacturer from Croatia and at the ...29 |
|
|
| mcmtelecom.com | We carried out an attack on mcmtelecom.com, a b2b telecommunications prov...5 |
|
|
| ht-hospitaltechnik.de | Why don't medical companies pay us? As usual we got into the network ht-h... |
|
|
| ch-armentieres.fr | First post on our new blog ! We encrypted 100+ servers and workstations ... |
|
|
| metal7.com | This time we dug into the network of metal7.com, a company that manufactu... |
|