Updated on 2022-10-17
CloudSEK researchers have published a technical breakdown of the BlueSky ransomware. First spotted in the wild in May this year, the ransomware is believed to be operated by a Russian national from Krasnodar, according to a previous report from the same company. Another technical report on this threat is also available courtesy of Italian security firm YOROI. Read more:
- Technical Analysis of BlueSky Ransomware
- Tracking the Operators of the Newly Emerged BlueSky Ransomware
- Dissecting BlueSky Ransomware Payload – Yoroi
Updated on 2022-10-03
Italian security firm YOROI has published a technical breakdown of the BlueSky ransomware. First spotted in the wild in May this year, the ransomware is believed to be operated by a Russian national from Krasnodar, according to a previous report from CloudSEK. Read more:
- Dissecting BlueSky Ransomware Payload – Yoroi
- Tracking the Operators of the Newly Emerged BlueSky Ransomware
Overview
CloudSEK researchers have published some initial details and IOCs on the new BlueSky ransomware, first spotted in May this year and believed to be connected to the former Conti gang. CloudSEK also said it believes it has traced the ransomware’s operator to someone located in Krasnodar, Russia.