Black Basta (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

elf.blackbasta (Back to overview)

Black Basta

ESXi encrypting ransomware, using a combination of the stream cipher ChaCha20 and RSA.

References

2023-03-30 ⋅ United States District Court (Eastern District of New York) ⋅ Fortra, HEALTH-ISAC, Microsoft
Cracked Cobalt Strike (1:23-cv-02447)
Black Basta BlackCat LockBit RagnarLocker LockBit Black Basta BlackCat Cobalt Strike Cuba Emotet LockBit Mount Locker PLAY QakBot RagnarLocker Royal Ransom Zloader

2023-01-25 ⋅ Quadrant Information Security ⋅ Quadrant Information Security
Technical Analysis: Black Basta Malware Overview
Black Basta Black Basta

2022-10-31 ⋅ Cynet ⋅ Max Malyutin
Orion Threat Alert: Qakbot TTPs Arsenal and the Black Basta Ransomware
Black Basta Cobalt Strike QakBot

2022-09-28 ⋅ vmware ⋅ Giovanni Vigna
ESXi-Targeting Ransomware: The Threats That Are After Your Virtual Machines (Part 1)
Avoslocker Babuk Black Basta BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit Luna RansomEXX RedAlert Ransomware REvil

There is no Yara-Signature yet.