• Home
  • News
  • Black Basta Ransomware Infects Another US Victim

Black Basta Ransomware Infects Another US Victim

Miklos Zoltan

By Miklos Zoltan . 11 February 2024

Founder - Privacy Affairs

Alex Popa

Fact-Checked this

Black Basta announced on their public platform that they’ve infected another high-profile victim on US soil recently. The target is Willis Lease Finance Corporation with more than 45 years in jet engine leasing.

  • Willis Lease didn’t comment on the recent attack, but it is presumed that they’re negotiating with the attacker
  • Black Basta has a frightening reputation of demanding exorbitant ransoms and using very aggressive negotiation tactics
  • The infamous ransomware actor is also extremely surgical and efficient in its attacks, using a multitude of tactics to achieve its goals
  • As is typically the case, Black Basta used the double extortion technique to force Willis Lease into submission

There’s no word on how much data Black Basta managed to steal from its victim or how much damage the attack inflicted. The organization relies on the double extortion practice to gain more leverage against its targets.

Investigation agencies raise an alarm signal against Black Basta, warning that the organization has increased the frequency of its attacks. This is especially concerning when assessing the group’s tactics and effectiveness.

X showing the BlackBasta attack Willis Lease Finance Corporation

According to in-depth assessments and reports, Black Basta is most likely the most prolific, successful, and dangerous ransomware entity in the world. This spot originally belonged to Conti and followed by Lockbit for a while.

But the birth of Black Basta turned everything on its head. The organization quickly rose to power and inflicted heavy damage both in the public and the private sector. And things don’t seem to slow down.

Why Black Basta Is So Dangerous

Black Basta first hit the public sphere in early 2022 and managed to rack up more than 100 victims and 19 high-profile targets within its first few months of activity. The extortion ring used the double extortion method right from the beginning.

This gave the organization a lot of leverage during negotiations, which explains the outstanding financial gains to date. According to reputed investigation agencies, Black Basta accumulated over $100 million in ransom money over the span of little over a year.

This is an outstanding amount of money if we consider that Lockbit, another world-famous ransomware actor, stacked up $91 million over 5 years of activity. Black Basta managed to overcome that threshold with relative ease.

This is evidence of the organization’s impressive power and resourcefulness and hints at an even bigger future growth. According to reputed investigation agencies, Black Basta shares code similarities with the now defunct Conti gang.

Conti dismantled in early 2022, immediately after Russia invaded Ukraine. The same period coincided with the emergence of Black Basta, which shared numerous similarities with Conti.

The generally accepted theory today is that Black Basta is one of Conti’s successors, because there are other extortion rings that bear similarities to the infamous Russian gang. Conti was once the most successful ransomware actor in the world.

As evidence shows, Black Basta is following the same trend today, quickly becoming a global threat. Specialists warn that Conti leaked manpower, tech, and resources into the newly founded Black Basta, which hints at the actor’s future expansion.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment