Blackout is a ransomware group that emerged in early 2024, initially targeting healthcare entities and later expanding its operations to various sectors including telecommunications, mining, and manufacturing. The group is financially motivated, employing a double extortion model where stolen data is published on a dedicated leak blog if ransom demands are not met. Blackout is known for developing and deploying its own ransomware and actively promoting its activities on underground forums to build notoriety and apply pressure on victims. This group is distinct from an older, open-source project also named 'BLACKOUT ransomware'.
MITRE techniques
T1047, T1021.002, T1059.001, T1562.001, T1078.003
RansomLook pivots
Data, intelligence and external references for cross-checking the actor's ransomware activity.
Construction of Buildings, Food Manufacturing, Other Information Services, Rail Transportation, Hospitals, Enterprises & Holding, Accommodation, Air Transportation, Manufacturing, Construction