bluesky

2 incidents | 1 country | 0 sectors | ransomware | RU | Latest: 2026-06-25
BlueSky is a ransomware variant that emerged in June 2022, primarily focused on financial extortion. This ransomware family is believed with high confidence to be operated by threat actors of Russian origin. It is notable for its rapid encryption capabilities achieved through multithreading, a technique that bears code similarities to Conti v3 and Babuk ransomware. Unlike some other prominent ransomware groups, BlueSky has not been observed operating a public data leak site. The group uniquely assigns a user ID to each victim, generated based on system information, to track them and manage the decryption process.
MITRE techniques
T1110, T1021, T1569, T1003, T1562, T1486
Related CVEs
CVE-2023-27350

RansomLook pivots

Data, intelligence and external references for cross-checking the actor's ransomware activity.

Victims: 1
Unique TTPs: 0
Historical stolen data: N/A
Ransoms demanded: N/A
Payments detected: N/A

Affected countries

Russia (1)

Target countries (SOCRadar)

India, Saudi Arabia, United States

Target sectors (SOCRadar)

Construction of Buildings, Enterprises & Holding, Manufacturing, Construction, Public Administration, Educational Services, Energy & Utilities, Computer Systems Design and Related Services, National Security & International Affairs, Telecommunications

New URLs detected in IntelTracker

github.com, ransomware.anggipradana.com

Victims (1)

Ransom Notes: bluesky (1 notes from ThreatLabz)
18 Jun 2026
Report
bluesky - Ransom Notes: This ransomware group has 1 ransom note documented in the ThreatLabz/ransomware_notes repository. Las notas de resca…