Blackbasta Ransomware

Malware updated 4 months ago (2024-05-04T19:19:41.649Z)

Download STIX

Preview STIX

BlackBasta is a ransomware-type malware, designed to infiltrate systems undetected and hold data hostage in exchange for ransom. Originating from Russian-speaking regions, this malicious software has been linked to numerous high-profile cyber attacks. The group behind BlackBasta has demonstrated its capacity to breach even well-secured corporations, causing significant operational disruptions and stealing sensitive data. Recently, Viking Coca-Cola, one of the largest Coca-Cola bottlers in the U.S., fell victim to a BlackBasta attack. The company's name was added to the list of victims on the ransomware group's data leak website, indicating a successful data breach. In another incident, Dish Network experienced service disruptions due to a BlackBasta ransomware attack between February and March. The extent of these attacks showcases the potency and reach of the BlackBasta group. Over the past 22 months, it has been reported that the BlackBasta ransomware gang extracted over $107 million in payments from its victims, underlining the severity and financial impact of these attacks. There are indications that other groups may attempt to exploit the same vulnerabilities as BlackBasta, particularly a flaw in VMware systems. Italy's cybersecurity agency has suggested a possible link between BlackBasta and these anticipated attacks, although no concrete evidence has been published to support this claim.

Description last updated: 2024-05-04T18:55:08.373Z

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Ransomware

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

ID	Type	Votes	Profile Description
QakBot	Unspecified	2	Qakbot is a type of malware that has been linked to various cybercriminal activities, with its presence first observed as early as 2020. It gained notoriety for its role in the operations of the Black Basta ransomware group, which used Qakbot extensively in sophisticated phishing campaigns. The malw
Blackbasta	Unspecified	2	BlackBasta is a notorious malware, specifically ransomware, that has been associated with several high-profile cyber-attacks. This malicious software infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal information,

Source Document References

Information about the Blackbasta Ransomware Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securityaffairs	4 months ago	Blackbasta gang Synlab Italia attack
CERT-EU	a year ago	Iran-Run ISP ‘Cloudzy’ Caught Supporting Nation-State APTs, Cybercrime Hacking Groups
Malwarebytes	6 months ago	PikaBot malware on the rise: What organizations need to know \| Malwarebytes
CERT-EU	8 months ago	BlackBasta Claims Cyberattack On American Alarm And Communications \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting
CERT-EU	a year ago	Dish Ransomware Attack Impacted Nearly 300,000 People
CERT-EU	a year ago	3 Malware Loaders Detected in 80% of Attacks: Security Firm
CERT-EU	a year ago	3 Malware Loaders Detected in 80% of Attacks: Security Firm
CERT-EU	8 months ago	BlackBasta Ransomware Attack: Multiple Victims Listed \| #ransomware \| #cybercrime \| National Cyber Security Consulting
InfoSecurity-magazine	a year ago	Four in Five Cyber-Attacks Powered by Just Three Malware Loaders
CERT-EU	10 months ago	Ransomware was behind Toronto Public Library attack \| IT World Canada News
CERT-EU	a year ago	Top 10 Ransomware Attacks in 2023 - Cybersecurity Insiders
CERT-EU	a year ago	Cyber security week in review: May 19, 2023
CERT-EU	a year ago	24th April – Threat Intelligence Report - Check Point Research
CERT-EU	2 years ago	ESXiArgs Campaign Snares At Least 2,803 Victims \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware - National Cyber Security
CERT-EU	9 months ago	Cyber Security Today, Week in Review for Friday, December 1, 2023 \| IT World Canada News