There has been a significant decrease in social engineering attacks linked to the Black Basta ransomware group since late December 2024.
This lapse also included the leaked Black Basta chat logs in February 2025, indicating internal conflict within the group. Despite this, Rapid7 has observed sustained social engineering attacks. Evidence now suggests that BlackSuit affiliates have either adopted Black Basta’s strategy or absorbed members of the group. The developer(s) of a previously identified Java malware family, distributed during social engineering attacks, have now been assessed as likely initial access brokers, having potentially provided historical access for Black Basta and/or FIN7 affiliates.
Read more…
Source: Rapid7
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- ‘Dark web’ targeted in crime crackdown by Government
April 11, 2018
Criminals are emboldened by the anonymity of the dark web, which has become a platform for horrific abuse, the Home Secretary will say today. New funding to crack down on the “dangerous” dark web will be launched by Amber Rudd in a speech at the Government’s flagship event for cybersecurity. Read more… Source: Sky News
- Delta Confirms Breach Of Customer Payment Details
April 5, 2018
Hackers have had access to Delta customer payment data for over six months after third party breach US airline Delta Air Lines and American department store Sears Holding have both confirmed a data breach, after an incident involving a third party tech provider. Delta said that it was notified last week by 7.ai, a company that provides online chat ...
- 1.5 billion sensitive files exposed by misconfigured servers, storage and cloud services
April 5, 2018
Researchers have discovered over 1.5 billion sensitive files including payroll information, credit card details, medical data, and patents for intellectual property are exposed online, putting consumers and businesses at risk of theft, cybercrime, and espionage. But the information exposed online — which amounts to a total of 12,000 terabytes of data — isn’t there as a ...
- Rarog Trojan ‘Easy Entry’ For New Cryptomining Crooks, Report Warns
April 5, 2018
A malware family called Rarog is becoming an appealing and affordable tool for hackers to launch cryptocurrency mining attacks, researchers say. They say the Trojan is low priced, easily configurable and supports multiple cyrptocurrencies, making it an appealing option for hackers. Palo Alto Networks’ Unit 42 research team, which posted a blog on Wednesday after tracking Rarog for months, ...
- A new Mirai-style botnet is targeting the financial sector
April 5, 2018
A botnet made up of hijacked internet-connected televisions and web cameras has a new target, security researchers have found. Three financial sector institutions have become the latest victims of distributed denial-of-service (DDoS) attacks in recent months. New research by Recorded Future’s Insikt Group published Thursday points to what’s likely to be the IoTroop botnet, used to pummel financial ...
- Retail sector top cyber attack target
April 5, 2018
The retail sector suffered the most breach incidences (16.7%) in 2017 as attackers became more organised, the latest Trustwave security report shows. The retail sector was followed by the finance and insurance industry(13.1%) and hospitality (11.9%), according to the 2018 Trustwave global security report, which is based on the analysis of billions of security events worldwide, hundreds ...