bluebox
1 incidentes
1 paises
0 sectores
ransomware Ultimo: 2026-06-25
Bluebox is a data extortion group that emerged in early December 2024, operating a data leak site (DLS) to pressure victims into paying ransoms. The group's primary motivation is financial, and it distinguishes itself by threatening to notify data protection authorities in victims' countries to amplify pressure for payment. While the group claims to delete stolen data upon successful ransom payment, there is no public indication they use file encryption. The group's name derives from a historical phreaking tool, and it is important not to confuse this threat actor with legitimate cybersecurity products or companies also named Bluebox.
RansomLook pivots
Data, inteligencia y referencias externas para contrastar actividad ransomware del actor.
Paises afectados
Paises objetivo (SOCRadar)
FranceGuadeloupe
SwedenVenezuela, Bolivarian Republic ofSectores objetivo (SOCRadar)
ConstructionManufacturingWholesale TradeTransportation&WarehousingProfessional&Technical ServicesEnterprises & HoldingAccommodation&Food ServicesConstruction of BuildingsElectrical&Electronical ManufacturingElectrical Equipment, Appliance, and Component Manufacturing