Dec 09, 2024Ravie LakshmananThreat Intelligence / Malware The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since early October 2024. "Users within the target environment will be email bombed by the threat actor, which is often achieved by … [Read more...] about Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering
Basta
Researchers Find Links b/w Black Basta Ransomware and FIN7 Hackers
A new analysis of tools put to use by the Black Basta ransomware operation has identified ties between the threat actor and the FIN7 (aka Carbanak) group. This link "could suggest either that Black Basta and FIN7 maintain a special relationship or that one or more individuals belong to both groups," cybersecurity firm SentinelOne said in a technical write-up shared with The … [Read more...] about Researchers Find Links b/w Black Basta Ransomware and FIN7 Hackers
Black Basta Ransomware Hackers Infiltrates Networks via Qakbot to Deploy Brute Ratel C4
The threat actors behind the Black Basta ransomware family have been observed using the Qakbot trojan to deploy the Brute Ratel C4 framework as a second-stage payload in recent attacks. The development marks the first time the nascent adversary simulation software is being delivered via a Qakbot infection, cybersecurity firm Trend Micro said in a technical analysis released … [Read more...] about Black Basta Ransomware Hackers Infiltrates Networks via Qakbot to Deploy Brute Ratel C4
Luna and Black Basta cross-platform ransomware
Ransomware groups are of late increasingly targeting not only Windows computers, but Linux devices and ESXi virtual machines. We’ve already spotlighted the BlackCat gang, which distributes malware written in the cross-platform language Rust and is capable of encrypting such systems. Our experts analyzed two more malware families that recently appeared on the dark web with … [Read more...] about Luna and Black Basta cross-platform ransomware
Cybersecurity Experts Warn of Emerging Threat of “Black Basta” Ransomware
The Black Basta ransomware-as-a-service (RaaS) syndicate has amassed nearly 50 victims in the U.S., Canada, the U.K., Australia, and New Zealand within two months of its emergence in the wild, making it a prominent threat in a short window. "Black Basta has been observed targeting a range of industries, including manufacturing, construction, transportation, telcos, … [Read more...] about Cybersecurity Experts Warn of Emerging Threat of “Black Basta” Ransomware