BlueSky is a financially motivated ransomware group active from mid-2022 into early 2023, using multi-threaded ChaCha20/Curve25519 encryption for fast file locking on Windows hosts, with code sharing significant overlap with Conti v2/v3 and Babuk, attributed with high confidence to Russian-origin threat actors.
This group has 0 victims. The victim list API is currently responding slowly for this dataset. Country, sector, and infostealer breakdowns are not available at this time. Basic stats (victim count, first/last seen) are shown above from a faster data source.
Don't let email issues hurt your business reputation.
Our cybersecurity team helps you fix SPF, DKIM, DMARC and protect your sender reputation. Get a free 30-minute consultation with a security expert.