Alias Description | Votes |
---|---|
Conti is a possible alias for Blackbasta. Conti is a type of malware, specifically ransomware, which is designed to infiltrate and damage computer systems. This malicious software can enter systems through various methods such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal persona | 5 |
QakBot is a possible alias for Blackbasta. Qakbot is a type of malware, or malicious software, that infiltrates computer systems to exploit and damage them. This harmful program can infect devices through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt ope | 4 |
Clop is a possible alias for Blackbasta. Clop, a malicious software (malware), is linked to a Russian-speaking cybercriminal group also known as Cl0p. It is designed to exploit and damage computer systems by stealing personal information, disrupting operations, or holding data hostage for ransom. In May 2023, the Clop group began exploitin | 3 |
Pikabot is a possible alias for Blackbasta. Pikabot is a malicious software (malware) that has been used extensively by various threat groups to exploit and damage computer systems. Initially, the BlackBasta group used phishing and vishing to deliver malware types such as DarkGate and Pikabot but quickly sought alternatives for further malici | 3 |
Blacksuit is a possible alias for Blackbasta. BlackSuit is a new strain of malware, specifically ransomware, that has been causing significant damage to computer systems. It is believed to be a rebranding of the Royal ransomware gang, as indicated by similarities in code between the two. This suspicion was confirmed by warnings from both the Cy | 3 |

Alias Description | Association Type | Votes |
---|---|---|
The Akira Malware is associated with Blackbasta. Akira is a potent ransomware that has been active since 2023, known for its aggressive encryption tactics and swift deployment. This malware, which brings a unique '80s aesthetic to the dark web, has quickly risen in prominence within the cybercrime landscape. It has targeted hundreds of victims glo | Unspecified | 4 |
The Royal Ransomware Malware is associated with Blackbasta. Royal Ransomware is a form of malware that was active from September 2022 through June 2023. This malicious software, designed to exploit and damage computers or devices, would infiltrate systems via suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it could stea | Unspecified | 4 |
The Cactus Malware is associated with Blackbasta. Cactus is a type of malware, specifically ransomware, known for its malicious activities including data theft and system disruption. This malware has been linked to several high-profile attacks, spreading primarily through malvertising campaigns that leverage the DanaBot Trojan. Notably, the Cactus | Unspecified | 3 |
The Blackbasta Ransomware Malware is associated with Blackbasta. The BlackBasta ransomware is a malicious software developed by a Russia-linked group known for exploiting and damaging computer systems, often without the user's knowledge. The group has been involved in numerous high-profile cyberattacks, including those on American Alarm and Communications, a lead | Unspecified | 3 |
The Hive Malware is associated with Blackbasta. Hive is a form of malware, specifically ransomware, designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, Hive can steal personal information, disrupt operations, or hold data hostag | Unspecified | 3 |
The Ryuk Malware is associated with Blackbasta. Ryuk is a type of malware known as ransomware, which has been utilized by the threat group ITG23 for several years. This group has been notorious for crypting their malware, with crypters seen in use with other malware such as Trickbot, Emotet, Cobalt Strike, and Ryuk. In 2019, most ransomware inves | Unspecified | 3 |
The Karakurt Malware is associated with Blackbasta. Karakurt is a malicious software (malware) that has been linked to significant data extortion activities. The malware is affiliated with the notorious Conti cybercrime syndicate and ITG23, which are known for their disruptive operations, including data theft and ransom demands. In 2023, there was a | Unspecified | 2 |
The Ghost Clown Malware is associated with Blackbasta. Ghost Clown is a malware entity that has been implicated in the deployment of malicious software, specifically ransomware strains like BlackBasta and Conti. This previously undetected ransomware group, along with another affiliate named Space Kook, were identified by anti-ransomware company Halcyon. | Unspecified | 2 |
The Black Basta Malware is associated with Blackbasta. Black Basta is a notorious malware group known for its sophisticated ransomware attacks, which have targeted numerous high-profile entities. The group has demonstrated a remarkable ability to adapt their tactics, techniques, and procedures (TTPs), allowing them to effectively evade security defenses | Unspecified | 2 |
The REvil Malware is associated with Blackbasta. REvil, also known as Sodinokibi, is a malicious software (malware) that operates on a Ransomware as a Service (RaaS) model. This model became increasingly popular in 2020, with first-stage malware like Dridex and Gootkit being linked to ransomware attacks such as BitPaymer and REvil respectively. Th | Unspecified | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The Alphv Threat Actor is associated with Blackbasta. Alphv, also known as BlackCat, is a threat actor group that has been linked to numerous cyberattacks, particularly targeting the healthcare sector. The group made headlines when it stole 5TB of data from Morrison Community Hospital, causing significant disruption and raising concerns about patient p | Unspecified | 7 |
The FIN7 Threat Actor is associated with Blackbasta. FIN7, also known as Carbanak, Carbon Spider, Cobalt Group, and Navigator Group, is a notorious cybercrime group that has been active since 2012. The group is recognized for its advanced combination of malware and social engineering tactics, having executed numerous successful attacks against global | Unspecified | 3 |
The BianLian Threat Actor is associated with Blackbasta. BianLian is a threat actor that has been active in cybercrime, leveraging various techniques for malicious intent. Prior to January 2024, the group used an encryptor (encryptor.exe) that modified all encrypted files to have the .bianlian extension and created a ransom note in each affected directory | Unspecified | 3 |
The Space Kook Threat Actor is associated with Blackbasta. Space Kook is a threat actor, or malicious entity, identified in the cybersecurity industry for its involvement in ransomware operations. Named after a villain from Scooby Doo, Space Kook was first linked to malicious activities by Halcyon's analysis, which showed connections to an initial access br | Unspecified | 2 |