According to reports, one of the National Football League’s teams has suffered a ransomware attack from the group known as BlackByte. The affected team is the San Francisco 49ers, which stated that the attack happened during the Super Bowl Sunday match between the Rams and the Bengals.
In related news, three critical infrastructure organisations in the United States also suffered ransomware attacks before the breach at the San Francisco football team was discovered.
The authorities reported that the BlackByte ransomware had momentarily interrupted the San Francisco 49ers’ corporate network and that stolen internal documents were posted to a site on the dark web.
According to a representative of the 49ers, data related to its home arena was possibly compromised by the threat actors, who have yet to reveal their ransom demands for the team’s stolen data.
The BlackByte ransomware group attacked three critical infrastructure organisations prior to the San Francisco 49ers.
According to the joint alert issued by the US Secret Service and the FBI, BlackByte’s attack against the San Francisco 49ers came only two days after the authorities discovered that three critical infrastructure organisations had also suffered an attack from the same group.
The report noted that the three critical infrastructure sectors affected by the ransomware attack are government facilities, the financial sector, and food & agriculture.
Furthermore, the advisory detailed that the hackers exploited a Microsoft Exchange Server flaw to gain access to several of the affected infrastructure networks. The BlackByte group also deployed privilege escalation tools and moved laterally within the affected networks before stealing and encrypting the files.
Ransomware groups increasingly operate like real-life businesses, since they now publicly sell and trade ransomware-as-a-service to amateur hackers, affiliates, and wannabe cybercriminals.
The attack against the San Francisco 49ers could have been more devastating if the team had reached the Super Bowl finals, because all the attendees in the arena might have been affected by the attack.
Experts noted that the BlackByte ransomware group seems to be maturing and evolving faster, since it can now conduct multiple major attacks in a short period.