NFL club hit by BlackByte ransomware attack

The San Francisco 49ers professional football team has been hit by a ransomware attack. Ransomware ring BlackByte claims to have stolen financial data from the NFL team. The football team has confirmed the cyber attack on BleepingComputer.

Ransomware Attack

The NFL team said in a statement on Sunday that they learned that several systems were affected by a “network security incident.” The BlackByte ransomware gang has claimed responsibility for the attack.

In ransomware attacks, cybercriminals break into corporate networks and attempt to steal data. The hackers place malware on all devices that the network encrypts. The hackers then contact the affected organization and make ransom demands. The files are not decrypted until the money is transferred.

NFL club hit by BlackByte ransomware attack

As the NFL geared up for Super Bowl 2022, BlackByte posted several team documents on a website called “Invoice 2020.” BlackByte usually releases victims’ data to an increasing extent. The hackers do this to further pressure victims to pay. It is not known how much data was stolen. The ransom demand is also unknown.

The NFL team says they alerted the police and hired a cybersecurity company to help. The team said in the statement that there is no indication that the incident involved systems outside the company’s network. Systems connected to the club’s home stadium would not have been affected.

What is BlackByte?

The BlackByte ransomware operation launched in July 2021 and targets corporate victims worldwide. The ransomware gang is not particularly active compared to other groups, but they have carried out several successful attacks.

In October 2021, the BlackByte operation went awry by using the same decryption/encryption key across multiple attacks. The bug was quickly fixed by BlackByte, but cybersecurity firm Trustwave was able to create a free decryptor as a result. A number of victims were able to recover their files for free with this.

NFL club hit by BlackByte ransomware attack


Two days before the attack, the Federal Bureau of Investigation (FBI) and the Secret Service issued another warning about the BlackByte ransomware. The warning reads that since November “several US and foreign companies have been compromised by the ransomware gang”. These include entities in critical US infrastructure sectors.

Investigation into the ransomware attack is still ongoing and hard work is underway to quickly and securely restore affected systems.

Catch up on more articles here

Follow us on Twitter here


Must read


Related Posts