Bluesky

Ransomware Group Profile

Overview

BlueSky is a financially motivated ransomware group active from mid-2022 into early 2023, using multi-threaded ChaCha20/Curve25519 encryption for fast file locking on Windows hosts, with code sharing significant overlap with Conti v2/v3 and Babuk, attributed with high confidence to Russian-origin threat actors.

Dark Web Infrastructure (1)
ccpyeuptrlatb2piua4ukhnhi7lrxgerrcrj4p2b5uhbzqm2xgdjaqid.onion
Activity Timeline
First Seen2023
Last Seen2023
Leak Sites1
Quick Actions
View All GroupsThreat Actors
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001