SentinelOne Vs. BlueSky Ransomware – Prevention, Detection, and Rollback

Watch how SentinelOne prevents and detects BlueSky ransomware. BlueSky emerged as a ransomware family in July 2022. At present, BlueSky does not host a public blog listing victim names or leaked (stolen) data.

Initial delivery can vary across operators. BlueSky infects devices through trojanized downloads from websites hosting “cracks” and “keygens”, and through email attachments.

BlueSky requires victims to contact the operators via a TOR-based support portal to obtain the decrypter for their campaign. Upon infection, BlueSky rapidly processes files on the target host. The ransomware can move laterally via SMB and has been observed doing so in Active Directory environments. Encrypted files are marked with the “.bluesky” extension.
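For defenders, the behaviour described above (rapid file processing, the “.bluesky” extension, spread to other hosts) can be turned into a simple detection over file-rename telemetry. The following is an added example, not SentinelOne's code; the event format, host names, window and threshold are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

EXTENSION = ".bluesky"          # extension named on this page
WINDOW = timedelta(seconds=10)  # assumption: tune for your telemetry
THRESHOLD = 3                   # assumption: renames per host per window

# Constructed sample events, format: time|host|old path|new path
SAMPLE = r"""
2022-08-01T10:00:00|ws01|C:\docs\a.docx|C:\docs\a.docx.bluesky
2022-08-01T10:00:01|ws01|C:\docs\b.xlsx|C:\docs\b.xlsx.bluesky
2022-08-01T10:00:02|ws01|C:\docs\c.pdf|C:\docs\c.pdf.BLUESKY
2022-08-01T10:00:03|ws02|C:\tmp\x.tmp|C:\tmp\x.txt
2022-08-01T10:00:40|fs01|D:\share\q1.csv|D:\share\q1.csv.bluesky
2022-08-01T10:00:41|fs01|D:\share\q2.csv|D:\share\q2.csv.bluesky
2022-08-01T10:00:42|fs01|D:\share\q3.csv|D:\share\q3.csv.bluesky
"""

def parse(text):
    """Yield (time, host, new_path) for each well-formed line."""
    for line in text.strip().splitlines():
        parts = line.split("|")
        if len(parts) != 4:
            continue  # skip malformed records instead of crashing
        ts, host, _old, new = parts
        yield datetime.fromisoformat(ts), host, new

def burst_hosts(events):
    """Return {host: time at which THRESHOLD renames fell inside WINDOW}."""
    recent, alerts = defaultdict(deque), {}
    for ts, host, new in sorted(events):
        if not new.lower().endswith(EXTENSION):
            continue  # only renames that append the ransomware extension
        q = recent[host]
        q.append(ts)
        while ts - q[0] > WINDOW:
            q.popleft()  # drop renames that are older than the window
        if len(q) >= THRESHOLD and host not in alerts:
            alerts[host] = ts
    return alerts

def lateral_spread(alerts):
    """Several bursting hosts is consistent with the SMB spread noted above."""
    return len(alerts) > 1

if __name__ == "__main__":
    alerts = burst_hosts(parse(SAMPLE))
    print({h: t.isoformat() for h, t in alerts.items()})
    print("multiple hosts affected:", lateral_spread(alerts))
```
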
