Wednesday, October 16, 2024
HomeCyber AttacksBlack Basta ransomware-as-a-service brings down 50 organizations globally
Cyber Attacks

Black Basta ransomware-as-a-service brings down 50 organizations globally

Sneha
By Sneha
0
422

Highlights

  • Prominent Threat: In just two months, the Black Basta gang has added nearly 50 victims to their list as of the publishing of this report, making them one of the most prominent ransomware recently.
  • Targets VMware ESXi: Black Basta’s Linux variant targets VMware ESXi virtual machines (VMs) running on enterprise Linux servers.
  • High Severity: The threat level is HIGH given the destructive potential of the attacks.
  • Targeting English-Speaking countries: Black Basta specifically targets the following countries: United States, Canada, United Kingdom, Australia, and New Zealand.
  • Targeting Wide Range of Industries: Black Basta has been observed targeting a range of industries, including manufacturing, construction, transportation, telcos, pharmaceuticals, cosmetics, plumbing and heating, automobile dealers, undergarments manufacturers and more.
  • Human Operated Attack: Prior to the deployment of the ransomware, the attackers attempt to infiltrate and move laterally throughout the organization, carrying out a fully-developed RansomOps attack.

The Black Basta ransomware-as-a-service (RaaS) syndicate has amassed nearly 50 victims in the U.S., Canada, the U.K., Australia, and New Zealand within two months of its emergence in the wild, making it a prominent threat in a short window.

“Black Basta has been observed targeting a range of industries, including manufacturing, construction, transportation, telcos, pharmaceuticals, cosmetics, plumbing and heating, automobile dealers, undergarments manufacturers, and more,” Cybereason said in a report.

Evidence indicates the ransomware strain was still in development as recently as February 2022, and only started to be used in attacks starting April after it was advertised on underground forums with an intent to buy and monetize corporate network access for a share of the profits.

Attack vectors for both Windows and Linux platforms are being utilized by the adversaries in the wild.

Black Basta wallpaper

Recommendations

  • Enable the Anti-Ransomware or Anti-Malware defenses, if possible.
    If you need help with defining defenses for your infrastructures, seek some help. You can reachout to our highly skilled consultants at cybermetrics.
  • Keep Systems Fully Patched: Make sure your systems are patched in order to mitigate vulnerabilities
  • Regularly Backup Files to a Remote Server: Restoring your files from a backup is the fastest way to regain access to your data
  • Use Security Solutions: Protect your environment using organizational firewalls, proxies, web filtering, and mail filtering
  • Already hit? Ofcourse, kick off your crisis management plans, but for sure, reach out for expert help. Avoid trying to hack them back, unless you know what you are upto.

References:

  1. https://www.cybereason.com/blog/cybereason-vs.-black-basta-ransomware
Previous article
Your Home-Office Routers may be vulnerable to ZuoRAT Malware
Next article
Microsoft temporarily rolls back its plan to Block Office Macros
Sneha
Sneha
RELATED ARTICLES

Most Popular

Load more

Recent Comments

722 Ransomware Attacks Occurred in last 3 months, and its rising - Cybermetrics on Ukrainian couple arrested for spreading Ransomwares
722 Ransomware Attacks Occurred in last 3 months, and its rising - Cybermetrics on Cuban Ransomware hacks Microsoft Exchange Servers
Santhosh Gunasekaran on Microsoft suspends new sales in Russia: other firms join hands with Microsoft
Hackers exploiting Log4Shell in VMware Horizon - Cybermetrics on Special Report – Apache Log4j Vulnerability (CVE-2021-44228)
CSIA Publishes Free Cybersecurity Services And Tools - Cybermetrics on Zero Trust Architecture by NIST

© cybermetrics, 2022