• Home
  • News
  • 8Base Ransomware Hits 4 Across the US and Singapore

8Base Ransomware Hits 4 Across the US and Singapore

Bogdan Pătru

By Bogdan Pătru . 8 April 2024

Tech Writer

Alex Popa

Fact-Checked this

8Base hackers announced 4 victims in a recent ransomware attack. Three are located in the US, while the other is from Singapore. The hackers posted a short summary of each victim, along with a 4-day deadline until the stolen data leaked publicly.

  • 8Base first appeared publicly in May 2023 but managed to gain global notoriety in less than a year
  • The hackers advertise themselves as public servants, as they (supposedly) only target companies that lack proper cyber defenses
  • 8Base showcased the increased level of activity toward the end of 2023, and the trend seems to continue in 2024
  • None of the victims have commented on the recent events, and it’s unclear if they’ve decided to negotiate with the attackers

Ransomware attacks have increased in intensity considerably over the past year, with several notable organizations coming out almost overnight. Some specialize strictly in ransomware attacks, while others, like Stormous, also get involved in politics.

Ransomware attacks are notoriously damaging, whether the victim pays the ransom or not. Especially if it pays the ransom, which is rather counterintuitive. Cybersecurity experts warn that negotiating with the hackers is never meant to produce anything positive.

That’s because most ransomware actors won’t delete the stolen data anyway. Instead, they will keep it for themselves or sell it to other cybercriminal gangs. This explains why some targets are infiltrated multiple times following the first breach.

X showing the 8BASE attack on the four victims
https://twitter.com/FalconFeedsio/status/1777328039510343948

The best move is to ignore the hackers and work on improving your cybersecurity to prevent such attacks from ever reoccurring. It’s also important to note that many ransomware programs leave open “doorways” into the victim’s system.

This allows the hackers to spy and infiltrate the same victim a lot easier at a later date. These vulnerable hotspots are difficult to identify, which is why it’s always wise to work with cybersecurity experts to clean your system and reinforce it properly.

How 8Base Gang Operates

8Base has had a slow beginning but caught wind fast. The gang expanded its reach quickly, managing to hit multiple low and medium-level organizations across the world. They don’t typically coordinate their strikes to infiltrate multiple targets at the same time, though.

This makes this recent operation a bit unusual, as it resulted in 4 victims spread between 2 countries.

8Base appears to be an advanced ransomware actor that values stealth and clean-cut infiltrations. They cover their tracks quite effectively and rely on a Ransom-as-a-Service model (RaaS).

This allows them to use affiliates to conduct profitable operations without exposing themselves in the process.

While 8Base operators have produced victims in a variety of industries, they seem to prioritize the business sector. The “why” part is no surprise, given that the hackers are exclusively motivated by financial gains.

That being said, 8Base operators always follow the money wherever it might lead them. As the recent data shows, 8Base has targeted several industries, including healthcare, education, finance, and manufacturing.

If you believe you fit the profile of the perfect 8Base victim, it might be time to have a chat with your preferred cybersecurity professional.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment