Black Basta: A Cybercriminal Group Raking in $100 Million
Since its emergence in April 2022, the cybercriminal group Black Basta has extorted no less than $100 million in ransoms from its victims, as evidenced by joint research conducted by Corvus Insurance and the analytics firm Elliptic.
The hackers orchestrated attacks on over 330 companies worldwide, employing a double extortion scheme. Initially, malicious software, developed by affiliated individuals, pilfered confidential data from breached systems. Subsequently, the program encrypted these systems, denying access. The stolen information was then leveraged for blackmail and extortion purposes.
The largest ransom amounted to $9 million. At least 18 companies capitulated to the criminals’ demands, paying upwards of $1 million each. On average, the ransom demanded was $1.2 million. Data indicates that at least 35% of the organizations known to have been victimized by Black Basta opted to comply with the criminals’ terms, paying the requested sum.
There are speculations that the group is an offshoot of the infamous Conti gang, which disbanded in June of the same year. This theory is supported by the high skill level of the malware operators and their reluctance to recruit new members.
“The group’s onslaught of attacks on at least 20 victims within the first two weeks of its existence indicates significant experience in the use of ransomware and stable access to the infrastructure of the targeted companies,” states a report from the U.S. Department of Health and Human Services, published in March.
Black Basta is known to operate under the ‘ransomware-as-a-service’ (RaaS) model, providing partners with their tools and techniques.
Notable victims of Black Basta include major entities such as the American Dental Association, Canadian retailer Sobeys, German construction company Knauf, the Yellow Pages directory, the Toronto Public Library, and defense contractor Rheinmetall. The list of victims also features British technology firm Capita, which undertakes billion-dollar government projects, and industrial titan ABB, boasting annual revenues exceeding $29 billion.
