Black Basta Ransomware Gains Ground

ransomware

Researchers with security firm Cybereason published a report on a new strain of ransomware that was put in circulation in recent months but already managed to score almost 50 victims in English-speaking countries, including the US, the United Kingdom, Australia and New Zealand.

This meteoric rise to infamy took the Black Basta ransomware gang just two months, which put their name in the spotlight of security researchers.

The ransomware gang offers the Black Basta ransomware on a RaaS basis. The malicious tool was advertised on dark web forums using the typical ransomware-as-a-service model, offering a profit-sharing plan for "affiliates" who pull off attacks using the ransomware.

The mode of operation used by Black Basta is the one that the majority of ransomware gangs employ as well - double extortion consisting of locking up encrypted files and exfiltrating some of them before encryption, to use as blackmail and threaten leaks of sensitive information.

Attacks culminating with the deployment of Black Basta used QBot to exfiltrate credentials from compromised systems, then move laterally across the victim network to ultimately deploy the ransomware on as many hosts as possible. The ransomware also has a variant made to target Linux systems, specifically ESXi virtual instances deployed on enterprise servers.

Security researchers believe that the Black Basta gang is comprised of former Conti gang members, even though Conti denied this. Even though Conti is doing their best to make the world believe the ransomware outfit is no more, researchers think that while the entity that was Conti may be no more, fragments of the team moved into other cybercriminal gangs.

By Zaib
July 4, 2022
Computer Security
English
July 4, 2022
Computer Security

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Ransomware

Black Blight Ransomware is More of a Joke Than a Threat

A new piece of malware has been spotted in the wild and given the name Black Blight ransomware. The word 'ransomware' in this case is not really deserved, as Black Blight is more of a scam and looks like a script... Read more

May 31, 2022
Ransomware

Elbie Ransomware

Cybercriminals are busy infiltrating vulnerable computers with malware threats that earn them money. Ransomware has been one of their primary weapons for extorting money from victimized computer users, and the Elbie... Read more

May 24, 2022
Ransomware

Black Basta Ransomware Gang Attacks American Dental Association

A new high-profile ransomware gang might be on the rise. Recently, the American Dental Association (ADA) was hit by a massive ransomware attack, which took down tons of their systems, while simultaneously encrypting... Read more

April 27, 2022
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.