Security News > 2023 > June > 8Base Ransomware Spikes in Activity, Threatens U.S. and Brazilian Businesses

8Base Ransomware Spikes in Activity, Threatens U.S. and Brazilian Businesses
2023-06-28 10:15

A ransomware threat called 8Base that has been operating under the radar for over a year has been attributed to a "Massive spike in activity" in May and June 2023.

VMware said 8Base is "Strikingly" similar to that of another data extortion group tracked as RansomHouse, citing overlaps in the ransom notes dropped on compromised machines and the language used in the respective data leak portals.

A comparison of the two threat groups reveals that while RansomHouse openly advertises their partnerships, 8Base does not.

8base" file extension for encrypted files, raising the possibility that 8Base could be a successor to Phobos or that the attackers are simply making use of already existing ransomware strains without having to develop their own custom locker.

"Whether 8Base is an offshoot of Phobos or RansomHouse remains to be seen."

8Base is part of a wave of ransomware newbies entering the market such as CryptNet, Xollam, and Mallox, even as known families like BlackCat, LockBit, and Trigona have witnessed continuous updates to their features and attack chains to broaden their horizons beyond Windows to infect Linux and macOS systems.


News URL

https://thehackernews.com/2023/06/8base-ransomware-spikes-in-activity.html