There has been a significant decrease in social engineering attacks linked to the Black Basta ransomware group since late December 2024.
This lapse also included the leaked Black Basta chat logs in February 2025, indicating internal conflict within the group. Despite this, Rapid7 has observed sustained social engineering attacks. Evidence now suggests that BlackSuit affiliates have either adopted Black Basta’s strategy or absorbed members of the group. The developer(s) of a previously identified Java malware family, distributed during social engineering attacks, have now been assessed as likely initial access brokers, having potentially provided historical access for Black Basta and/or FIN7 affiliates.
Read more…
Source: Rapid7
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- New BlackRock Android malware can steal passwords and card data from 337 apps
July 16, 2020
A new Android malware strain has emerged in the criminal underworld that comes equipped with a wide range of data theft capabilities allowing it to target a whopping 337 Android applications. Named BlackRock, this new threat emerged in May this year and was discovered from mobile security firm ThreatFabric. Researchers say the malware was based on the ...
- Diebold Nixdorf warns of a new class of ATM ‘black box’ attacks across Europe
July 16, 2020
ATM maker Diebold Nixdorf is warning banks of a new type of ATM “black box” attack that was recently spotted used across Europe. ATM “black box” attacks are a type of jackpotting attack — when cybercriminals make an ATM spit out cash. A jackpotting attack can be executed with malware installed on an ATM, or by ...
- Major US Twitter accounts hacked in Bitcoin scam
July 16, 2020
Billionaires Elon Musk, Jeff Bezos and Bill Gates are among many prominent US figures targeted by hackers on Twitter in an apparent Bitcoin scam. The official accounts of Barack Obama, Joe Biden and Kanye West also requested donations in the cryptocurrency. “Everyone is asking me to give back,” a tweet from Mr Gates’ account said. “You send ...
- Caught in the Crossfire: Defending Devices From Battling Botnets
July 15, 2020
Strength in numbers is the main principle behind botnets, networks of devices that have been infected and turned into bots to be used in performing attacks and other malicious activities. With the dawn of the internet of things (IoT), botnet developers have found a new domain to conquer, but there they must compete with one ...
- The Tetrade: Brazilian banking malware goes global
July 14, 2020
Brazil is a well-known country with plenty of banking trojans developed by local crooks. The Brazilian criminal underground is home to some of the world’s busiest and most creative perpetrators of cybercrime. Like their counterparts’ in China and Russia, their cyberattacks have a strong local flavor, and for a long time, they limited their attacks ...
- Hacker breaches security firm in act of revenge
July 13, 2020
A hacker claims to have breached the backend servers belonging to a US cyber-security firm and stolen information from the company’s “data leak detection” service. The hacker says the stolen data includes more than 8,200 databases containing the information of billions of users that leaked from other companies during past security breaches. The databases have been collected inside DataViper, a ...