Interesting Research Blogs by Threat Intelligence (TI) Companies

Black Basta Ransomware — Cyble

Black Basta ransomware is a new malware group targeting several high-value organizations. The group extracted around 2.5 Gb of data in this attack. The ransomware encrypts all the data and deletes backup files from the infected system. The Cyble research team investigated Black Basta ransomware and released a blog about it in May 2022.

Black Cat Ransomware — Cybereason

Black Cat ransomware is written in the Rust programming language. It exploits unpatched Exchange server vulnerabilities to gain access to targeted networks. Once the attackers gain an entry point, they gather information about the compromised machines, which is used on every victim's Tor payment site. Using the Rust programming language makes the process fast and lets it run across platforms. Take a look at the attachment below.

0mega Ransomware — Cyware

This new ransomware has targeted organizations all over the world. It launches double-extortion attacks and claims millions of data as ransom. This attack happened in May. It leaked nearly 152 GB of stolen data. It encrypts files with the .0mega extension. If the demanded ransom was not paid, the crew leaked the data on their site.

REvil — Malwarebytes

This ransomware is one of the most shoddy and perilous operations. It is the biggest ransomware attack of all time. The crew uses a variety of methods to compromise networks and spread the ransomware. The crew then splits the ransom with the threat actors who develop REvil. REvil is also known as Sodinokibi or Sodin.
