Bl@ckt0r is a self-described "Bug Hunter and Data Breacher Group." They specifically mention that they are not a "ransomware gang" and do not encrypt data or ruin business continuity. Although it is likely true that they don't encrypt data (we have no evidence of any samples), they are still classified as a ransomware group as defined by the Ransomware Tracker. Ironically, after they mention they aren't a typical ransomware group, they go on to claim that they "love to hack corporate networks and ask for a bounty," and if they refuse to pay the bounty, they will sell the data on their dark web extortion page. You know, as a typical ransomware group would.
Since they don't encrypt networks, we have no technical information to provide. As such, they are classified as a Data Broker. We can say that Bl@ckt0r posted four victims on their data leak site, all from different countries, in different industries, with different extortion amounts. You can see them below.
|Industry Sector||Country||Extortion Date||Amount (USD)|
|Music & Entertainment||Italy||$3,000|
|Banking & Finance||Indonesia||$150,000|
|Information Technology||Sri Lanka||$50,000|