8base is a financially motivated ransomware group that first emerged in March 2022, initially remaining relatively quiet before a significant surge in activity during May and June 2023. The group evolved to primarily employ a multi-extortion model, utilizing a TOR-based leak site to name and shame victims. While the group brands itself as "simple pen testers," its operational methods and communication style bear striking resemblances to the RansomHouse group, leading to speculation that 8base may be an offshoot or closely related entity. A defining characteristic of 8base is its reliance on readily available ransomware builders, specifically a customized variant of the Phobos ransomware, rather than developing its own unique malware. The group predominantly targets small to medium-sized businesses across various sectors, distinguishing itself by focusing on organizations with potentially weaker security postures.
Associated malware
win.smokeloader
MITRE techniques
T1071, T1552, T1140, T1059, T1560, T1486
RansomLook pivots
Data, intelligence and external references for cross-checking the actor's ransomware activity.
United Arab Emirates, Argentina, Austria, Australia, Belgium, Bahrain, Bermuda, Brazil, Bahamas, Canada
Target sectors (SOCRadar)
Construction of Buildings, Food Manufacturing, Other Information Services, Software Publishers, Real Estate, Hospitals, Accommodation, Air Transportation, Manufacturing, Construction