Security News > 2024 > July > Black Basta ransomware switches to more evasive custom malware
The Black Basta ransomware gang has shown resilience and an ability to adapt to a constantly shifting space, using new custom tools and tactics to evade detection and spread throughout a network.
Black Basta is a ransomware operator who has been active since April 2022 and is responsible for over 500 successful attacks on companies worldwide.
Mandiant, who tracks the threat actors as UNC4393, has identified new malware and tools used in Black Basta intrusions, demonstrating evolution and resilience.
The Black Basta ransomware gang has had an active year thus far, compromising notable entities such as Veolia North America, Hyundai Motor Europe, and Keytronic.
All in all, Black Basta remains a significant global threat and one of the top players in the ransomware space.
Black Basta ransomware gang linked to Windows zero-day attacks.
News URL
Related news
- Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware (source)
- Black Basta ransomware gang's internal chat logs leak online (source)
- Leaked Black Basta Ransomware Chat Logs Reveal Inner Workings and Internal Conflicts (source)
- Southern Water says Black Basta ransomware attack cost £4.5M in expenses (source)
- Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates (source)
- Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates (source)