The 8Base ransomware group has remained relatively unknown despite the massive spike in activity in Summer of 2023. The group utilizes encryption paired with “name-and-shame” techniques to compel their victims to pay their ransoms. 8Base has an opportunistic pattern of compromise with recent victims spanning across varied industries. Despite the high amount of compromises, the information regarding identities, methodology, and underlying motivation behind these incidents still remains a mystery. Samples of their ransomware show they are using customized Phobos with SmokeLoader.
|2023-11-17 ⋅ Cisco Talos ⋅ |
A deep dive into Phobos ransomware, recently deployed by 8Base group
|2023-09-18 ⋅ KrebsOnSecurity ⋅ |
Who's Behind the 8Base Ransomware Website?
|2023-08-23 ⋅ Logpoint ⋅ |
Defending Against 8base: Uncovering Their Arsenal and Crafting Responses
8Base SmokeLoader SystemBC
|2023-07-27 ⋅ SOCRadar ⋅ |
Dark Web Profile: 8Base Ransomware
|2023-07-26 ⋅ Talos ⋅ |
Incident Response trends Q2 2023: Data theft extortion rises, while healthcare is still most-targeted vertical
BianLian Clop LockBit Royal Ransom LockBit 8Base BianLian Clop LockBit Money Message Royal Ransom
|2023-07-17 ⋅ Acronis ⋅ |
8Base ransomware stays unseen for a year
8Base Phobos SmokeLoader
|2023-06-30 ⋅ Twitter (@rivitna2) ⋅ |
Twitter thread about relationship between 8Base and Phobos ransomware
|2023-06-28 ⋅ vmware ⋅ |
8Base Ransomware: A Heavy Hitting Player
8Base Phobos SmokeLoader SystemBC
|2023-05-24 ⋅ BushidoToken Blog ⋅ |
Unmasking Ransomware Using Stylometric Analysis: Shadow, 8BASE, Rancoz
There is no Yara-Signature yet.