BlackSuit Continues Social Engineering Attacks in Wake of Black Basta’s Internal Conflict


There has been a significant decrease in social engineering attacks linked to the Black Basta ransomware group since late December 2024.

This lapse also spanned the February 2025 leak of Black Basta chat logs, which indicated internal conflict within the group. Despite this, Rapid7 has observed sustained social engineering attacks. Evidence now suggests that BlackSuit affiliates have either adopted Black Basta’s strategy or absorbed members of the group. The developer(s) of a previously identified Java malware family, distributed during social engineering attacks, have now been assessed as likely initial access brokers, having potentially provided historical access for Black Basta and/or FIN7 affiliates.

Source: Rapid7

