February 8, 2024 at 03:21PM Hyundai Motor Europe experienced a Black Basta ransomware attack, potentially compromising three terabytes of data. Initially reported as IT issues, Hyundai later confirmed the cyberattack, involving unauthorized network access. The attack affected various company departments, and it is linked to Black Basta, known for double-extortion attacks and ties to the … Read more
January 12, 2024 at 12:11AM Pikabot malware, associated with the Water Curupira intrusion set, was used in phishing campaigns through 2023. Similar to Qakbot, it consists of a loader and core module enabling unauthorized access. The campaigns targeted victims via spam emails with malicious attachments, evolving to include a PDF file delivery method. Organizations are … Read more
January 5, 2024 at 05:23PM Summary: – BleepingComputer tested a new decryptor for Black Basta ransomware. – Xerox Business Solutions suffered a cyberattack, possibly exposing personal information. – Australia’s Court Services Victoria suffered a ransomware attack, potentially exposing sensitive recordings. – The Zeppelin2 ransomware source code and builder were sold on a hacking forum. – … Read more
January 2, 2024 at 11:18AM SRLabs released a decryptor to assist victims of the Black Basta ransomware in recovering their files for free. The ransomware, linked to the Conti group, has been responsible for numerous high-profile attacks. SRLabs identified a flaw in the encryption algorithm, enabling them to create a tool for partial file recovery. … Read more
December 30, 2023 at 10:25AM Security Research Labs (SRLabs) has developed a decryptor called the “Black Basta Buster” that allows victims of the Black Basta ransomware to potentially recover their files for free, exploiting a flaw in the encryption algorithm used by the ransomware gang. However, the developers have since fixed the bug, rendering the … Read more
November 30, 2023 at 09:42AM Since early 2022, the Black Basta ransomware group has extorted over $100 million from victims. Linked to the defunct Conti group, Black Basta employs double extortion tactics, targeting diverse industries, primarily in the US. Analysis by Elliptic ties them to Conti and shows a significant portion of victims pay ransoms, … Read more
November 30, 2023 at 08:24AM Since April 2022, the Black Basta ransomware group has amassed over $107 million, with at least 90 out of 300+ victims paying ransoms. Likely evolved from Conti, the group uses Qakbot for malware deployment and shares typical ransomware-as-a-service payment structures. Its breach of Capita sparked widespread legal action. Meeting Takeaways: … Read more
November 29, 2023 at 01:20PM Since April 2022, Black Basta, a Russia-linked ransomware gang, has obtained over $100 million from double extortion attacks on over 329 entities worldwide. Around 35% of its 90+ victims have paid ransoms, including multi-million dollar settlements. The group may originate from the disbanded Conti gang or have FIN7 ties. **Meeting … Read more
November 3, 2023 at 05:10PM Ransomware attacks have been on the rise recently, with various organizations falling victim, including the Toronto Public Library, ACE Hardware, Mr. Cooper, and the British Library. In response, a coalition of 40 countries will pledge to stop paying ransom demands. Microsoft also commits to enhancing security through its ‘Secure Future’ … Read more