Ransomware group 'Black Basta' has raked in over $100M – researchers | Inquirer Technology

07:29 AM November 30, 2023
FILE PHOTO: A hooded man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration

WASHINGTON — A cyber extortion gang suspected of being an offshoot of the notorious Russian Conti group of hackers has raked in more than $100 million since it emerged last year, researchers said in a report published Wednesday.

Digital currency tracking service Elliptic and Corvus Insurance in a joint report said the ransom-seeking cybercrime group known as “Black Basta” has extorted at least $107 million in bitcoin, with much of the laundered ransom payments making their way to the sanctioned Russian cryptocurrency exchange Garantex.

An attempt to reach Black Basta via its dark website was not successful. A spokeswoman for Garantex, which was sanctioned by the US Treasury in April last year, said the company welcomed initiatives “to fight cybercrime around the world” and encouraged Elliptic and others to share information about the hackers’ finances, saying suspicious funds would be blocked.

Elliptic co-founder Tom Robinson said the massive haul made Black Basta “one of the most profitable ransomware strains of all time.” He said the researchers came up with the figure by identifying known ransom payments tied to the group and tracing how the digital currency was laundered, which revealed additional payments.

Robert McArdle, a cybercrime expert with security firm TrendMicro who was not involved in the report, said the Black Basta figure was “certainly in a believable range for their operations.”

The Elliptic-Corvus report said it had also uncovered evidence tying Black Basta to the defunct Russian group “Conti.”

Conti used to be among the top ransomware gangs – operators that shook down victims either by encrypting their data and demanding money to unscramble it, by threatening to publish stolen information to the web, or both.

The Russia-based group dismantled its leak site after the Kremlin’s full-scale invasion of Ukraine in early 2022 and the posting of US bounties on its leadership that year, but researchers have long suspected that the group merely reorganized and rebranded.

“Conti was perhaps the most successful ransomware gang we’ve seen,” Robinson said. The latest findings suggest that “some of the individuals responsible are replicating its success with the Black Basta ransomware,” he added.

TOPICS: "dark web", cyber crimes, cyber extortion, Cyber security, ransomware