Security News > 2022 > June > Black Basta Ransomware Teams Up with Malware Stalwart Qbot
A newcomer on the ransomware scene has coopted a 14-year-old malware variant to help it maintain persistence on a targeted network in a recent attack, researchers have found.
Black Basta, a ransomware group that emerged in April, leveraged Qbot,, to move laterally on a compromised network, researchers from security consulting firm NCC Group wrote in a blog post published this week.
Black Basta, like many others of its kind, uses uses double-extortion attacks in which data is first exfiltrated from the network before the ransomware is deployed.
It's not unusual for ransomware groups to leverage Qbot in the initial compromise of a network.
Researchers managed to observe specific characteristics of a Black Basta attack in their investigation of the incident, including how it evades detection as well as executes ransomware on the compromised system, they said.
Once it's deployed, Black Basta ransomware itself, like many ransomware variants, doesn't encrypt the entire file, researchers found.