Black Basta’s cybercrime group has reportedly received ransom payments worth at least $100 million since its emergence in April 2022, according to a joint research conducted by Corvus Insurance Company and analytical company Elliptic [1]. The group has targeted over 330 companies worldwide using a double extortion scheme. Initially, the hackers stole confidential data from the compromised systems, which they later encrypted to block access. They then used the stolen information for blackmail and extortion [2].
The largest ransom paid to Black Basta amounted to $9 million, and at least 18 companies have paid more than $1 million each. On average, the ransom amount is $1.2 million. It is estimated that around 35% of the known organizations targeted by Black Basta decided to comply with the criminals’ demands and paid the required amount [2].
There are speculations that the group may be a branch of the infamous Conti gang, which disbanded in June of the same year. The high level of malware expertise and the group’s unwillingness to recruit new members support this theory [2].
During the first two weeks of its existence, Black Basta launched mass attacks, indicating their significant experience in using extortion software and their stable access to the infrastructure of the targeted companies. A report published by the Ministry of Health and Social Services of the United States in March highlights the devastating impact of these attacks on the victims [3].
Black Basta operates as a Ransomware-AS-A-Service (RAAS) through Modeling Modeling as a Service, offering partners access to their tools and methods [4].
Among the victims of Black Basta are several prominent companies including the American Dental Association, Canadian retailer Sobeys, German construction company KNAUF, telephone directory Yellow Pages, public library in Toronto, and defense contractor Rheinmetall. Additionally, the British technological company Capita, which handles billion-dollar state projects, and the industrial giant ABB with an annual revenue of over $29 billion have also been targeted [5].
Sources: