Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Blackstone Technology Group

Blackstone Technology Group Vendor Cyber Rating & Cyber Score

bstonetech.com

Blackstone Technology Group (www.bstonetech.com) is a privately-held, global IT services and solutions firm founded in 1998. We are headquartered in San Francisco with additional offices in Denver, Houston, Colorado Springs and Washington, DC. Blackstone’s mission is to implement innovative IT and business process solutions that help clients address industry challenges, achieve cost containment, and transform client’s business models within the commercial and public service marketplaces. Blackstone has garnered an impressive track record of delivering successful results, with a noteworthy client list that includes many Fortune 1000 businesses and the US Federal Government. Follow Us On Twitter: Twitter (Corporate):


BTG A.I CyberSecurity Scoring

BTG
Company Information
Website:https://www.bstonetech.com
Employees number:135
Number of followers:12,087
NAICS:
Industry Type:Information Technology & Services
Homepage:bstonetech.com
BTG Risk Score (AI oriented)
Between 650 and 699
logo
BTGInformation Technology & Services
Updated:
24/06/2026
663/1000
Weak
B
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
BTG Global Score (TPRM)
xxxx
logo
BTGInformation Technology & Services
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

BTG
BTGWeak
Current Score
663B (WEAK)
01000
1 incidents
-97 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
664Before Incident
JUNE 2026
663Before Incident
MAY 2026
662Before Incident
APRIL 2026
755Before Incident
Ransomware
01 Apr 2026BTG
Qilin and Black Basta: ModeloRAT and Mistic Backdoor Activity Linked to Ransomware Initial Access Broker

New Python-Based RAT and Stealth Backdoor Linked to Ransomware Access Broker Woodgnat

658After Incident
CRITICAL-97
QILBLA1782311333
New Python-Based RAT and Stealth Backdoor Linked to Ransomware Access Broker Woodgnat A recent cybersecurity investigation has uncovered a sophisticated campaign involving ModeloRAT, a Python-based remote access trojan (RAT), and Backdoor.Mistic, a newly identified stealth backdoor. Both tools are tied to Woodgnat (also known as KongTuke), an initial access broker (IAB) that facilitates ransomware deployments for multiple threat groups, including Qilin, Rhysida, Akira, 8Base, and Black Basta. ### Backdoor.Mistic: Stealth and Persistence First observed in April 2026 and documented by Zscaler, Backdoor.Mistic is designed for long-term, low-visibility access. It employs DLL sideloading via a legitimate executable (MpExtMs.exe), loading a malicious DLL (EndpointDlp.dll) that mimics Microsoft security components. The backdoor uses API hooking to evade detection, executing payloads in-memory without writing files to disk. Additional evasion tactics include a kill switch for self-deletion and adaptive command-and-control (C2) mechanisms, such as domain generation for non-domain hosts. Functionally, Mistic supports file manipulation, scheduled command checks, and in-memory execution of C2-delivered code, making it a versatile tool for maintaining covert access. Targets have been opportunistic, spanning insurance, education, IT, and professional services, suggesting the operators prioritize saleable enterprise access over industry-specific attacks. ### ModeloRAT: A Hallmark of Woodgnat Activity ModeloRAT, a long-standing tool in Woodgnat’s arsenal, is typically delivered via a portable WinPython package and executed through signed pythonw.exe. It employs RC4-encrypted C2 communications and multi-path resiliency to maintain persistence. Symantec’s Threat Hunter Team linked ModeloRAT to Qilin ransomware deployments, reinforcing its role in final-stage ransomware operations. ### Intrusion Chain and Tradecraft The observed attack chain combines multiple stages and tools, including: - A .NET credential stealer with a fake login prompt - Living-off-the-land binaries (LOLBins) such as curl, reg.exe, net.exe, certutil, WMIC, and PowerShell for reconnaissance and lateral movement - Loaders like WinPython and Node.exe to host ModeloRAT and other scripts - Social engineering lures (e.g., ClickFix, FileFix, CrashFix) tricking victims into executing malicious PowerShell commands - Microsoft Teams helpdesk pretexts coercing victims into running attacker-supplied commands for rapid persistence Woodgnat’s tradecraft emphasizes evasion, leveraging signed carriers, in-memory execution, redundant persistence mechanisms, and credential theft to establish durable footholds for ransomware affiliates. ### Defensive Priorities Key indicators of compromise (IOCs) include: - Unexpected loading of EndpointDlp.dll by MpExtMs.exe - Anomalous in-memory execution activities - Run-key persistence entries mimicking remote-support tools - Evidence of WinPython or signed pythonw.exe running unknown scripts As Woodgnat continues to evolve, tracking its infrastructure and the development of ModeloRAT and Mistic remains critical for defenders combating ransomware-enabled access brokering.
INCIDENT DETAILS -
TYPE
RATBackdoorRansomware
MOTIVATION
Financial gainRansomware deployment
DATA BREACH
CredentialsPersonally Identifiable InformationSensitivity Of Data: High
MARCH 2026
755Before Incident
FEBRUARY 2026
755Before Incident
JANUARY 2026
755Before Incident
DECEMBER 2025
755Before Incident
NOVEMBER 2025
755Before Incident
OCTOBER 2025
755Before Incident
SEPTEMBER 2025
755Before Incident
AUGUST 2025
755Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for BTG ?
?
What was BTG's A.I Rankiteo Cyber Score in June 2026 ?
?
What was BTG's A.I Rankiteo Cyber Score in May 2026 ?
?
What was BTG's A.I Rankiteo Cyber Score in April 2026 ?
?
What was BTG's A.I Rankiteo Cyber Score in March 2026 ?
?
What was BTG's A.I Rankiteo Cyber Score in February 2026 ?
?
What was BTG's A.I Rankiteo Cyber Score in January 2026 ?
?
What was BTG's A.I Rankiteo Cyber Score in December 2025 ?
?
What was BTG's A.I Rankiteo Cyber Score in November 2025 ?
?
What was BTG's A.I Rankiteo Cyber Score in October 2025 ?
?
What was BTG's A.I Rankiteo Cyber Score in September 2025 ?
?
What was BTG's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on BTG's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with BTG ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view BTG's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?