Basta

  • Blog

    Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware

    New research has uncovered further links between the Black Basta and Cactus ransomware gangs, with members of both groups utilizing the same social engineering attacks and the BackConnect proxy malware for post-exploitation access to corporate networks. In January, Zscaler discovered a Zloader malware sample that contained what appeared to be a new DNS tunneling feature. Further research by Walmart indicated…

    Read More »
  • Blog

    Southern Water says Black Basta ransomware attack cost £4.5M in expenses

    United Kingdom water supplier Southern Water has disclosed that it incurred costs of £4.5 million ($5.7M) due to a cyberattack it suffered in February 2024. Southern Water is a private utility company in southern England, providing water services to 2.7 million customers and wastewater services to over 4.7 million customers across Kent, Sussex, Hampshire, and the Isle of Wight. The company…

    Read More »
  • Blog

    Black Basta ransomware gang’s internal chat logs leak online

    An unknown leaker has released what they claim to be an archive of internal Matrix chat logs belonging to the Black Basta ransomware operation. ExploitWhispers, the individual who previously uploaded the stolen messages to the MEGA file-sharing platform, which are now removed, has uploaded it to a dedicated Telegram channel. It’s not yet clear if ExploitWhispers is a security researcher who…

    Read More »
  • Blog

    BT Group’s Conferencing division attacked by Black Basta ransomware gang

    BT Group has confirmed it is responding to an attempt to breach one of its business divisions, after the Black Basta ransomware group listed the firm on its dark web leak site. Black Basta is alleged to have stolen ~500 GB of data from the UK’s largest telco, according to the listing published on 4 December. The stolen information is…

    Read More »
  • Blog

    Black Basta ransomware poses as IT support on Microsoft Teams to breach networks

    The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack. Black Basta is a ransomware operation active since April 2022 and responsible for hundreds of attacks against corporations worldwide. After the Conti cybercrime syndicate shut down in June 2022 following a series of embarrassing…

    Read More »
Back to top button
close