Any files that are encrypted with BlackByte Ransomware will have the .blackbyte extension appended to the end of the encrypted data filename and typically will leave files (ransom notes) named BlackByte_restoremyfiles.hta as explained here by Amigo-A (Andrew Ivanov).
Trustwave has released a decrytor allowing past victims to recover their files for free.
- BlackByte ransomware decryptor released to recover files for free
- Trustwave has made a BlackByte decryptor available for download at GitHub
Hello,
We are facing with a new ransom named "Blackbyte"
We don't find any information about that, in google, duckduckgo or dark web.
Anyone has more details?
BlackByte: "HELLO!"
your network has been hacked
Your documents, and databases encrypted
To decrypt your files, you need to purchase our decryptor.
To decrypt files, follow the instructions below.
FULL INSTRUCTION
1) Email us: blackbyte1@onionmail.org
2) Your domain should be in the email header
3) The body of the letter should contain the key given to you in the note.
4) If you do not write to us within the next 3 days, your details will be posted on our auction.
5) To prove that we can decrypt files, we can decrypt 2 files for free, it should be no more than 3 MB and should not contain important information.
6) Don't use 3rd party software to try decrypt your files, you can cause damage and even we won't be able to restore them.
Our auction is available here: 6iaj3efye3q62xjgfxyegrufhewxew7yt4scxjd45tlfafyja6q4ctqd.onion, for access use Tor Browser
Your key
xxxxxxxxxxxxxxxxxx.
Edited by quietman7, 15 December 2024 - 12:51 PM.
Back to top
