May 10, 2024 · Black Basta is a ransomware-as-a-service (RaaS) variant, first identified in April 2022. Black Basta affiliates have targeted over 500 private industry and critical infrastructure entities, including healthcare organizations, in North America, Europe, and Australia.

Mar 3, 2025 · The BackConnect malware is a tool that cybercriminals use to establish and maintain persistent control over compromised systems. Once infiltrated, it grants attackers a wide range of remote control capabilities, allowing them to …

May 13, 2024 · Federal agencies, health care associations, and security researchers are warning that a ransomware group tracked under the name Black Basta is ravaging critical infrastructure sectors in...

As of May 2024, Black Basta affiliates have impacted over 500 organizations globally. Black Basta affiliates use common initial access techniques—such as phishing and exploiting known vulnerabilities—and then employ a double-extortion model, …

Mar 4, 2025 · New research has uncovered further links between the Black Basta and Cactus ransomware gangs, with members of both groups utilizing the same social engineering attacks and the BackConnect proxy ...

Dec 4, 2024 · Beginning in early October, Rapid7 has observed a resurgence of activity related to the ongoing social engineering campaign being conducted by Black Basta ransomware operators.

Mar 5, 2025 · Threat Overview - Black Basta Update. UPDATE 03/04/2025: A significant leak of internal chat logs from within Black Basta ransomware group has provided the community with a glimpse into their operations, including further information regarding their capabilities, tools and motivations. It was released via JSON file on February 11, 2024 by a Telegram user named ExploitWhispers, and contained ...

Feb 20, 2025 · ExploitWhispers also shared information about some Black Basta ransomware gang members, including Lapa (one of the operation's admins), Cortes (a threat actor linked to the Qakbot group), YY ...

Mar 4, 2025 · BackConnect, novel malware observed by Trend Micro in the most recent Black Basta/Cactus attacks, is further evidence of this versatility, and even has artifacts that suggest links to Qakbot ...

Nov 13, 2024 · Black Basta, known for its targeted attacks across multiple industries, emerged as a formidable ransomware group in 2022. Leveraging social engineering and advanced malware, the group systematically compromises networks, demanding ransoms under the threat of …