BEWARE of dangerous Black Basta Ransomware attack! You will get blackmailed
It's been just two months since the Black Basta Ransomware popped up and it has already claimed nearly 50 victims across the U.S., Canada, the U.K., Australia, and New Zealand. Black Basta is a ransomware-as-a-service, meaning it is a pay-to-use ransomware.
According to cybersecurity company Cybereason, "Black Basta has been observed targeting a range of industries, including manufacturing, construction, transportation, telcos, pharmaceuticals, cosmetics, plumbing and heating, automobile dealers, undergarments manufacturers, and more.”
Black Basta operates by extorting sensitive information from its targets. After it acquires the information, it blackmails people, threatening to publish the stolen information online if a digital payment is not made.
First occurring in 1989, ransomware attacks are growing all around the world with the advancement of technology and onset of the digital age. According to thehackernews.com, Black Basta leverages on devices through Qakbot and moves laterally across devices and steals information.
Even Linux is not safe from this ransomware. The developers of this ransomware have developed a Linux variant of this ransomware to target devices used by large companies and enterprises. Devices called VMware ESXi virtual machines (VMs) run on enterprise servers are at risk of potential attack from this ransomware.
Elbit Systems of America, the manufacturer of defense, aerospace, and security solutions in the US has become the latest victim of the Black Basta ransomware, according to security researcher Ido Cohen.
The Black Basta ransomware is developed by members of a Russian group of hackers, formerly belonging to a now-shut organization called Conti which is notorious for hacking large scale companies and firms all around the world, although the members of the Conti group have refused claims of being a part of developing this ransomware.
According to Group-IB's Ivan Pisarev, “Conti's increased activity and the data leak suggest that ransomware is no longer a game between average malware developers, but an illicit RaaS industry that gives jobs to hundreds of cybercriminals worldwide with various specializations.”