Security News > 2023 > June > 8Base ransomware group leaks data of 67 victim organizations

Lockbit 3.0 is currently the most active ransomware group, NCC Group says in its most recent Threat Pulse report, but new ransomware groups like 8Base and Akira are rising in prominence.

Collectively, the various ransomware groups revealed 436 victim organizations in May 2023 - 24% more than in April 2023, and 56% more that in May 2022.

This considerable increase can be attributed, in part, to the 8Base ransomware group, which released data from 67 victims they breached between April 2022 and May 2023.

According to VMware Carbon Black's Threat Analysis Unit, the group has been active since March 2022, but its activity has become more prominent now due to the significant number of data dumps released in May. The group mainly targets small and medium size businesses in the business services, finance, manufacturing, and information technology sectors, and utilizes a double extortion strategy.

8Base similarly uses various ransomware, and one of them is a variant of the Phobos ransomware.

"Comparison of Phobos and the 8Base sample revealed that 8Base was using Phobos version 2.9.1 loaded with SmokeLoader. With Phobos ransomware being available as a ransomware-as-a-service, this is not a surprise," they added.

News URL

https://www.helpnetsecurity.com/2023/06/28/8base-ransomware/