Security researchers at Sentinel Labs have uncovered evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7, also known as “Carbanak.”
When analyzing tools used by the ransomware gang in attacks, the researchers found signs that a developer for FIN7 has also authored the EDR (Endpoint Detection and Response) evasion tools used exclusively by Black Basta since June 2022.
Further evidence linking the two includes IP addresses and specific TTPs (tactics, techniques, and procedures) used by FIN7 in early 2022 and seen months later in actual Black Basta attacks.
Read more…
Source: Bleeping Computer