Available as a Ransomware-as-a-Service (RaaS), BlackByte has been used in attacks against US and foreign businesses, including in critical infrastructure sectors such as government, financial, and food and agriculture, the FBI and USSS warn.

BlackByte operators recently claimed to have obtained financial data from the San Francisco 49ers as a result of an attack that targeted the football team.

Some victims, the joint advisory says, discovered that the attackers exploited a known Microsoft Exchange Server vulnerability to gain initial access to their environments.