BLACKFILE EXTORTION GROUP TARGETS RETAIL WITH VISHING ATTACKS

BlackFile operates as an extortion-focused threat actor, targeting companies in retail and hospitality sectors. The group's attack methodology centers on vishing—voice phishing calls used to socially engineer employees into revealing sensitive information or granting unauthorized access. Once inside networks, BlackFile exfiltrates data and threatens to publish stolen information unless victims pay extortion demands. The campaign has shown consistent targeting patterns and sustained operational activity over several months. Security researchers tracking the group have documented the tactics and infrastructure used in the attacks. Organizations in the affected sectors are advised to implement voice security awareness training and establish protocols for verifying caller identity before granting system access. The emergence of BlackFile reflects broader trends in extortion-based ransomware operations shifting tactics to include social engineering approaches alongside technical exploits.