Summary: A leak of more than a year’s worth of internal chat logs from the Black Basta ransomware gang reveals insights into their operations and internal conflicts. The Russian-language conversations from 2023 to 2024 expose the group’s targeting of entities, including Russian banks, and highlight their tactics, such as exploiting security vulnerabilities and social engineering. Additionally, the logs indicate significant discord within the gang, contributing to their decreased activity in 2024.
Affected: Black Basta ransomware group
Keypoints :
- Chat logs reveal Black Basta’s use of QakBot for attacks and double extortion techniques, targeting over 500 entities globally.
- Internal strife, driven by key figures, has led to decreased activity and the migration of members to other ransomware groups.
- Discussion in the logs highlights their exploitation of vulnerabilities like SMB misconfigurations and use of legitimate file-sharing platforms to evade detection.
Source: https://thehackernews.com/2025/02/leaked-black-basta-chat-logs-reveal.html