• Home
  • News
  • 8Base Ransomware Strikes Again

8Base Ransomware Strikes Again

Miklos Zoltan

By Miklos Zoltan . 28 May 2024

Founder - Privacy Affairs

Alex Popa

Fact-Checked this

The 8Base hackers announced another fresh operation, this time against 3 high-profile corporations from Japan and Belgium. These are Matusima Corporation, Shirasaki Corporation, and Architecture LEJEUNE GIOVANELLI.

  • 8Base operators gave the victims only several days to contact them for negotiations
  • The gang uses the double extortion technique to gain leverage during negotiations and force the victim into paying a higher ransom
  • Neither of the victims has commented on the attacks, so it’s unclear how much data the hackers have managed to steal
  • 8Base has ramped up its activity starting with Q4 of 2023, following the overall trend in the ransomware sphere

Ransomware attacks have increased in frequency considerably over the past year. Some of this is due to new-coming groups attempting to make a name for themselves, while the rest of the operations are tied to veteran gangs.

8Base is following the trend by targeting vulnerable private and public entities. The gang relies on an accurate and effective technique to infiltrate the victims’ system, evade detection, disable the firewall, encrypt the system, and exfiltrate the target data.

X showing the 8BASE attack on the 3 victims

The hackers will also leave behind a ransomware note instructing the victim on how to contact them for talks. If the victim doesn’t reach out to them within the given deadline or the negotiations fall flat, the hackers will leak the stolen data.

Needless to say, many businesses prefer to pay the ransom to gain access to their system or have the hackers delete the data. But that’s not the only reason.

Should You Pay the Ransom?

If you’re unfamiliar with the ransomware sphere, you probably don’t know that businesses are targeted more frequently than private individuals. The reasons are obvious: the projected profits are considerably higher.

But then, you may think, why would any business pay the ransom? They can bypass the encryption with some professional assistance, so it’s not like they can’t access their system anymore. The answer lies in the leaked data.

The fact that the company’s data leaks publicly, allowing everyone to access it and use it for their own gains, is a double-edged sword. On the other hand, this can drag other people into the mess, like the business’s employees and customers.

In turn, this will tarnish the company’s reputation, as people will become less willing to share their personal data with the company. Or use its services again in the future. On the other hand, there’s the legal aspect that weighs heavily in the balance.

To put it simply, it’s the company’s business to protect their clients and employees’ confidential information. Any data leak is the direct responsibility of the company, which failed, one way or the other, to prevent that from happening. And nobody wants that.

Which is why it’s not uncommon for major corporations to not report a data leak. And it also explains why businesses don’t address ransomware breach claims, even when coming from the hackers themselves. The hope is that, by not addressing, nobody will pay attention.

So, should you pay the ransom? The standard advice is no. Reports show that the hackers will most likely either leak your data, keep it to themselves, or sell it to other cybercriminal gangs anyway. Whether you pay or not.

This is a great incentive for adopting the no-negotiations policy.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment