BlackByte

MITRE

Tipo:
Unknown

Paese:
Unknown

Prima attivita:
Unknown

Dettagli:

[BlackByte](https://attack.mitre.org/groups/G1043) is a ransomware threat actor operating since at least 2021. [BlackByte](https://attack.mitre.org/groups/G1043) is associated with several versions of ransomware also labeled [BlackByte Ransomware](https://attack.mitre.org/software/S1180). [BlackByte](https://attack.mitre.org/groups/G1043) ransomware operations initially used a common encryption key allowing for the development of a universal decryptor, but subsequent versions such as [BlackByte 2.0 Ransomware](https://attack.mitre.org/software/S1181) use more robust encryption mechanisms. [BlackByte](https://attack.mitre.org/groups/G1043) is notable for operations targeting critical infrastructure entities among other targets across North America.(Citation: FBI BlackByte 2022)(Citation: Picus BlackByte 2022)(Citation: Symantec BlackByte 2022)(Citation: Microsoft BlackByte 2023)(Citation: Cisco BlackByte 2024)

MITRE ATT&CK: View on MITRE

Tecniche Utilizzate (49)

ID	ATT&CK	Tattiche
T1003	OS Credential Dumping	-
T1012	Query Registry	-
T1016	System Network Configuration Discovery	-
T1018	Remote System Discovery	-
T1021.001	Remote Desktop Protocol	-
T1021.002	SMB/Windows Admin Shares	-
T1036.008	Masquerade File Type	-
T1041	Exfiltration Over C2 Channel	-
T1046	Network Service Discovery	-
T1047	Windows Management Instrumentation	-
T1053.005	Scheduled Task	-
T1055	Process Injection	-
T1055.012	Process Hollowing	-
T1059.001	PowerShell	-
T1059.003	Windows Command Shell	-

Alias (104)

Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede Hecamede

Malware Utilizzato (8)

AdFind
tool

Arp
tool

BlackByte 2.0 Ransomware
other

BlackByte Ransomware
other

Cobalt Strike
other

Exbyte
other

Mimikatz
tool

PsExec
tool

Metadata

ID:	915
Created:	13/01/2026 17:48
Updated:	06/03/2026 04:00