The Black Basta ransomware group has reportedly amassed over $100 million from its extortion activities. This ransomware, which first appeared in April 2022, has targeted more than 90 victims, securing substantial ransom payments from these organizations.
Financial Impact: According to new research from Corvus Insurance and blockchain analytics firm Elliptic, Black Basta has accrued more than $107 million in ransom payments. This figure highlights the significant financial impact and success of their operations over the past year and a half.
Victim Profile: The ransomware group has affected a wide range of victim organizations. A report from Elliptic reveals that these organizations have collectively paid over $100 million in response to ransom demands by Black Basta since early 2022.
Operational Scale and Comparison: Black Basta is considered the fourth-most active ransomware strain, having impacted more than 329 victims. Notably, it has been discovered to share similarities with the Conti ransomware group, which ceased its operations by May 2022. This resemblance and the scale of operations underscore the sophistication and reach of Black Basta in the cyber threat landscape.
Associations and Ransom Payment Methods: It is believed that Black Basta may be a faction of the Russian Conti ransomware gang. This connection adds a geopolitical dimension to the group's activities. The group has notably collected at least $107 million in Bitcoin ransom payments, indicating a preference for cryptocurrency as a means of transaction, which is common among cybercriminal groups due to the anonymity it provides.
Emergence and Growth: Black Basta's emergence in early 2022 and its subsequent rapid growth in terms of both victim count and financial gain underscore the evolving and increasingly dangerous landscape of ransomware threats. The group's ability to amass such significant sums in a relatively short period highlights the growing sophistication and effectiveness of ransomware operations.
Overall, the Black Basta ransomware group represents a significant and sophisticated cyber threat, with substantial financial implications for its victims and notable associations with other high-profile ransomware groups.
IoC
URL
- https://secure.item0self.com/191308.png
REFERENCES
- https://www.securityweek.com/black-basta-ransomware-group-received-over-100-million-from-90-victims/#:~:text=Victim%20organizations%20have%20paid%20over,blockchain%20analytics%20firm%20Elliptic%20reveals
- https://cybernews.com/security/russia-linked-black-basta-ransomware-extorted-100-million/#:~:text=Black%20Basta%2C%20which%20is%20believed,and%20Corvus%20Insurance%20has%20revealed
- https://www.bleepingcomputer.com/news/security/black-basta-ransomware-made-over-100-million-from-extortion/#:~:text=01%3A19%20PM%200%20Russia,in%20April%202022%2C%20according%20to
- https://otx.alienvault.com/pulse/656f33da4bd80a4844ddf019
TAGS
black basta, conti, qakbot, elliptic, garantex, vasp screening, bitcoin, ukraine
No comments:
Post a Comment