Security News > 2024 > July > Black Basta ransomware switches to more evasive custom malware
The Black Basta ransomware gang has shown resilience and an ability to adapt to a constantly shifting space, using new custom tools and tactics to evade detection and spread throughout a network.
Black Basta is a ransomware operator who has been active since April 2022 and is responsible for over 500 successful attacks on companies worldwide.
Mandiant, who tracks the threat actors as UNC4393, has identified new malware and tools used in Black Basta intrusions, demonstrating evolution and resilience.
The Black Basta ransomware gang has had an active year thus far, compromising notable entities such as Veolia North America, Hyundai Motor Europe, and Keytronic.
All in all, Black Basta remains a significant global threat and one of the top players in the ransomware space.
Black Basta ransomware gang linked to Windows zero-day attacks.
News URL
Related news
- Experts Uncover New Evasive SquidLoader Malware Targeting Chinese Organizations (source)
- Ransomware crews investing in custom data stealing malware (source)
- Malware that is 'not ransomware' wormed its way through Fujitsu Japan's systems (source)
- Russia’s FIN7 is peddling its EDR-nerfing malware to ransomware gangs (source)
- Ransomware gang targets IT workers with new SharpRhino malware (source)
- Malware-as-a-Service and Ransomware-as-a-Service lower barriers for cybercriminals (source)