Active ransomware operator
BLUE SKY
aka Bluesky · 0 victims indexed
At a glance
- Status: active
- Aliases: Bluesky
- First seen: —
- Last activity: —
- Onion sites: 1 known endpoint
About
References
9 links. External sources curated by the MISP threat-intel community.
- unit42.paloaltonetworks.com/bluesky-ransomware/
- sentinelone.com/blog/bluesky-ransomware-ad-lateral-movement-evasion-and-fast-encryption-puts-threat-on-the-radar/
- yoroi.company/research/dissecting-bluesky-ransomware-payload/
- ransomlook.io/group/bluesky
- watchguard.com/wgrd-ransomware/bluesky
- sentinelone.com/anthology/bluesky/
- unit42.paloaltonetworks.com/bluesky-ransomware/
- fortinet.com/blog/threat-research/ransomware-roundup-new-variants
- cloudsek.com/blog/technical-analysis-of-bluesky-ransomware
Onion infrastructure
1 known
- http://ccpyeuptrlatb2piua4ukhnhi7lrxgerrcrj4p2b5uhbzqm2xgdjaqid.onion
Source
Updated recently

Data on this page is sourced from the group's own leak posts, cross-checked with public ransomware trackers (RansomLook, ransomware.live, RansomWatch), MITRE ATT&CK, and our own Tor and Telegram crawlers. This is a public observatory page — share freely.
