Blacktail is a cybercrime group that has gained attention for its ransomware campaigns, particularly those involving the Buhti ransomware. The group is known for using custom-built data exfiltration tools and has been observed exploiting vulnerabilities in both Windows and Linux systems.
References
- symantec-enterprise-blogs.security.com
- fortiguard.fortinet.com
- redpacketsecurity.com
Actor metadata imported from Malpedia (Fraunhofer FKIE).