Technologist Mag
  • Home
  • Tech News
  • AI
  • Apps
  • Gadgets
  • Gaming
  • Guides
  • Laptops
  • Mobiles
  • Wearables
  • More
    • Web Stories
    • Trending
    • Press Release

Subscribe to Updates

Get the latest tech news and updates directly to your inbox.

What's On

Samsung Galaxy Watch Ultra Now Available in a New Colour Variant in India

9 July 2025

Samsung Unpacked 2025: Galaxy Z Flip 7 FE With 3.4-inch Cover Display, Exynos 2400 SoC Launched

9 July 2025

Linda Yaccarino Tried to Tame X. Now She’s Out as CEO

9 July 2025

Ninja Cheerleader Brawler Ra Ra Boom Gets August Launch Date

9 July 2025

Samsung Galaxy Z Flip 7 FE – Specifications, Release Date, Latest News (9th July 2025)

9 July 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram
Technologist Mag
SUBSCRIBE
  • Home
  • Tech News
  • AI
  • Apps
  • Gadgets
  • Gaming
  • Guides
  • Laptops
  • Mobiles
  • Wearables
  • More
    • Web Stories
    • Trending
    • Press Release
Technologist Mag
Home » Black Basta: The Fallen Ransomware Gang That Lives On
Tech News

Black Basta: The Fallen Ransomware Gang That Lives On

By technologistmag.com14 April 20253 Mins Read
Share
Facebook Twitter Reddit Telegram Pinterest Email

The pecking order of ransomware gangs is always shifting and evolving, with the most aggressive and reckless groups netting big payouts from vulnerable targets—but often ultimately flaming out. Russian-speaking group Black Basta is the latest example of the trend having stalled out in recent months due to takedowns by law enforcement and a damaging leak. But after some quiet weeks, researchers warn that, far from being dead and gone, the actors involved with Black Basta will reemerge in other cybercriminal groups—or potentially already have—to start the cycle once again.

Since appearing in April 2022, Black Basta has generated hundreds of millions of dollars in payments targeting an array of corporate victims in health care, critical infrastructure, and other high-stakes industries. The group uses double extortion to pressure targets into paying a ransom—stealing data and threatening to leak it while also encrypting a target’s systems to hold them hostage. The US Cybersecurity and Infrastructure Security Agency warned last year that Black Basta had gone on a spree targeting more than 500 organizations in North America, Europe, and Australia.

A major international law enforcement takedown in 2023 of the “Qakbot” botnet hindered Black Basta’s operations, though. And, this February, a major leak of the group’s internal data—including chat logs and operational information—rocked the group. Since then, it has gone dormant. Researchers warn, though, that the criminals behind Black Basta are already on the move and are almost certain to stage a resurgence.

“We haven’t seen the leaders of Black Basta regroup, but they’re going to continue to work, they’re going to continue to operate,” says Allan Liska, a threat intelligence analyst focused on ransomware at the security firm Recorded Future. “There’s still too much money in it not to. And ransomware actors are creatures of habit just like anyone.”

The leak revealed details about Black Basta’s malware and technical capabilities, its internal squabbles, and clues about the identity of the actors behind the group, particularly its main administrator. The exposed data was from what might be considered Black Basta’s heyday, September 2023 to September 2024. During this period, the group didn’t shy away from the possibility of causing harm with its breaches. A particularly aggressive attack last year on the St. Louis–based health care network Ascension, for example, reportedly caused disruptions in care, including rerouted ambulances.

Black Basta struggled to maintain its momentum, though, after the 2023 Qakbot takedown, known as Operation Duck Hunt.

“It was a huge blow to them, and they were trying to get back on their feet—use other botnets, work on a custom botnet, but that didn’t really work, and ultimately their infection rate was declining,” says Yelisey Bohuslavskiy, chief research officer of the threat-intelligence firm RedSense. “They had fewer targets and were getting into fewer networks. They were still dangerous, but there was this feeling that there was deterioration going on.”

Even in this decline, there was evidence that Black Basta was trying to mount a resurgence. In addition to exploring new malware, the gang started focusing on compromising targets through social engineering and influence campaigns, particularly spam email operations and tech support scams. But after the leak, Bohuslavskiy says, members began moving to other groups and have already been buoying their new gangs.

Share. Facebook Twitter Pinterest LinkedIn Telegram Reddit Email
Previous ArticleOnePlus 13T design leaks and it’s got serious iPhone vibes
Next Article Realme GT 7 Confirmed to Launch on April 23; to Pack a 7,200mAh Battery in an 8.25mm Thick Body

Related Articles

Linda Yaccarino Tried to Tame X. Now She’s Out as CEO

9 July 2025

The 19 Best Prime Day Coffee Maker Deals on Brewers, Grinders, Espresso Machines, and More

9 July 2025

10 Best Prime Day Kitchen Deals for Elevating Your Meals in 2025

9 July 2025

China Has Attempted What Might Be the First-Ever Orbital Refueling of a Satellite

9 July 2025

The 191 Best Prime Day Deals On Stuff We’ve Tested and Love

9 July 2025

The 17 Best Prime Day Apple Deals on iPads, AirPods, and MacBooks

9 July 2025
Stay In Touch
  • Facebook
  • Twitter
  • Pinterest
  • Instagram
  • YouTube
  • Vimeo

Subscribe to Updates

Get the latest tech news and updates directly to your inbox.

Don't Miss

Samsung Unpacked 2025: Galaxy Z Flip 7 FE With 3.4-inch Cover Display, Exynos 2400 SoC Launched

By technologistmag.com9 July 2025

Samsung Galaxy Z Flip 7 FE was launched at the Galaxy Unpacked 2025 event in…

Linda Yaccarino Tried to Tame X. Now She’s Out as CEO

9 July 2025

Ninja Cheerleader Brawler Ra Ra Boom Gets August Launch Date

9 July 2025

Samsung Galaxy Z Flip 7 FE – Specifications, Release Date, Latest News (9th July 2025)

9 July 2025

Lava Blaze AMOLED 2, Blaze Dragon to Launch in India This Month

9 July 2025
Technologist Mag
Facebook X (Twitter) Instagram Pinterest
  • Privacy
  • Terms
  • Advertise
  • Contact
© 2025 Technologist Mag. All Rights Reserved.

Type above and press Enter to search. Press Esc to cancel.