Summary: Recent leaks of chat logs from the Black Basta ransomware group suggest possible ties to Russian authorities. The messages reveal insights into their operations, use of AI for malicious purposes, and development of new cybercrime tools, including a brute-forcing framework aimed at corporate networks. These findings complicate efforts for Black Basta to distance itself from past activities following internal and external pressures.
Affected: Black Basta ransomware operation
Key points :
- The trove includes over 200,000 messages from September 2023 to September 2024.
- Group leader Oleg Nefedov may have received help from Russian officials to escape arrest.
- Black Basta has two offices in Moscow and collaborates with other ransomware groups.
- The group uses AI tools like ChatGPT to enhance their fraudulent activities.
- They developed a framework, BRUTED, for automated credential stuffing and scanning corporate networks.
- Investments in BRUTED facilitate large-scale attacks targeting weak passwords.
Source: https://thehackernews.com/2025/03/leaked-black-basta-chats-suggest.html