“Black Basta has been observed targeting a range of industries, including manufacturing, construction, transportation, telcos, pharmaceuticals, cosmetics, plumbing and heating, automobile dealers, undergarments manufacturers, and more,” Cybereason said in a report.

Similar to other ransomware operations, Black Basta is known to employ the tried-and-tested tactic of double extortion to plunder sensitive information from the targets and threaten to publish the stolen data unless a digital payment is made.

Black Basta is said to be comprised of members belonging to the Conti group after the latter shuttered its operations in response to increased law enforcement scrutiny and a major leak that saw its tools and tactics entering the public domain after siding with Russia in the country’s war against Ukraine.

“I cannot shoot anything, but I can fight with a keyboard and mouse,” the Ukrainian computer specialist behind the leak, who goes by the pseudonym Danylo and released the treasure trove of data as a form of digital retribution, told CNN in March 2022.

The Conti team has since refuted that it’s associated with Black Basta. Last week, it decommissioned the last of its remaining public-facing infrastructure, including two Tor servers used to leak data and negotiate with victims, marking an official end to the criminal enterprise.


If this information is helpful to you read our blog for more interesting and useful content, tips, and guidelines on similar topics. Contact the team of COMPUTER 2000 Bulgaria now if you have a specific question. Our specialists will be assisting you with your query.

Content curated by the team of COMPUTER 2000.


Follow us to learn more


Let’s walk through the journey of digital transformation together.

By clicking on the SEND button you agree to the processing of personal data. In accordance with our Privacy Policy

10 + 11 =