Black Basta is a financially motivated ransomware-as-a-service (RaaS) group that emerged in April 2022, rapidly distinguishing itself through its aggressive double-extortion tactics, combining data encryption with data theft and public shaming on its 'Basta News' leak site. Assessed with high confidence to be of Russian origin, the group quickly accumulated a significant number of victims globally, leading to speculation that it may be a rebrand or an offshoot of the Russian-speaking Conti ransomware group, or closely linked to other Russian-speaking cybercriminal organizations like FIN7, due to similar tactics, techniques, and procedures. Black Basta operates as a closed RaaS, not openly recruiting on underground forums, which contributes to its perceived exclusivity and sophistication. The group's leader, known as GG or AA, is reportedly a Russian individual, and the group maintained offices in Moscow, further cementing its suspected origin.

Paises afectados

URLs nuevas detectadas en IntelTracker