Ransomware Roundup - Black Basta
Fortinet News, Thursday, June 22, 2023
On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants.
This latest edition of the Ransomware Roundup covers the Black Basta ransomware.
- Affected platforms: Microsoft Windows, VMWare ESXi servers
- Impacted parties: Microsoft Windows and ESXi Users
- Impact: Encrypts files on the compromised machine and demands ransom for file decryption
- Severity level: High
Black Basta Ransomware Overview
Over the past few months, Black Basta ransomware has made headlines for allegedly compromising high-profile European and North American organizations across a variety of industries, such as outsourcing, technology, and manufacturing.
The history of Black Basta ransomware dates back to at least April 2022, with a professional organizations company in the United States being one of its first victims. Since then, Black Basta has slowly expanded their operations, with the group allegedly compromising and stealing data from a US government contractor and a US aerospace and defense company in late 2022.