We're finding out more about the Black Basta ransomware organization, which has extorted more than 50 businesses worldwide since it started operating in April 2022.
Cybereason is sounding the alarm, categorizing its Black Basta threat alert as “highly dangerous/severe,” in accordance with Federal Bureau of Investigation (FBI) and U.S. Department of Justice (DOJ) classification.
According to Cybereason, the initial members of Black Basta were part of the recently defunct Conti hacker organization. Black Basta has reportedly demanded as much as $2 million from some businesses using double extortion techniques through VMWare operating on Linux servers.
Double extortion occurs when hackers break into a victim's network, steal confidential data by moving laterally through businesses, and then threaten to release the material if the ransom demand isn't met.
Documents can be stolen by Black Basta before they are encrypted and entered into the company's system. In order to stop the data from being exposed and to obtain a decryptor to unlock the stolen material, the organization then demands a ransom.
Here are key findings from the Cybereason report:
“Since Black Basta is relatively new, not a lot is known about the group. Due to their rapid ascension and the precision of their attacks, Black Basta is likely operated by former members of the defunct Conti and REvil gangs, the two most profitable ransomware gangs in 2021."
Cybereason is a Boston-based XDR company partnering with defenders to end attacks at the endpoint, in the cloud and across the entire enterprise ecosystem.
Your business could be at risk if you do not take your cybersecurity seriously. Let Reis Informatica help you and your business handle your security needs so you can focus on the important stuff! Schedule a complimentary business systems assessment today!
Source: