Black Basta / Who is the Black Basta hacking group that has stunned PC users around the world?

The Black Basta hacking group has threatened companies using Microsoft Teams worldwide with ransomware attacks. This group is emailing employees in the name of IT Help Desk and installing ransomware in their systems, which gives remote access to the system to hackers.

Vikrant Shekhawat : Oct 28, 2024, 03:40 PM
Black Basta: The Black Basta hacking group has created a stir among PC and laptop users around the world. This dangerous group is now making the Microsoft Teams video conferencing platform used in corporate companies its new target. Recently this group has threatened the employees of the companies with ransomware attack. This group of cyber criminals sends e-mails to employees in the name of "Microsoft Help Desk", which installs Black Basta ransomware in their system. Once the ransomware is installed, it takes over the remote access of the user's PC or laptop.

Who is the Black Basta hacking group?

ReliaQuest, an American cybersecurity company, has shared information about the Black Basta hacking group through Bleeping Computer. The group has been active since April 2022 and is carrying out ransomware attacks targeting corporates. The Black Basta hacking group is believed to be part of the Conti cybercrime syndicate network, which was shut down in June 2022. Now, this group is targeting big corporates globally, and demands ransom by encrypting their data.

How does Black Basta work?

Black Basta mainly targets corporate networks. For this, this hacking group uses social engineering techniques, which makes it easier to break into the high-security systems of companies. This group sends fake Microsoft Help Desk emails to employees, citing security-related issues and tempting them to click on a file or link.

As soon as the employee clicks on the link, the hackers persuade them to give access to AnyDesk or other remote desktop tools. After this, the hackers enter their system and take full access to the company's network and install Black Basta ransomware there.

Targeting employees in the name of IT Help Desk

The Black Basta hacking group contacts corporate employees in the name of IT Help Desk. For this, apart from email, they also resort to Microsoft Teams chat and one-on-one calls. Employees, thinking that they are talking to their company's real IT Help Desk, fall into the trap of hackers and give remote access to their system. Once access to the system is gained, hackers install Black Basta ransomware and deeply infiltrate the company's network.

How to avoid Black Basta ransomware attack?

According to cyber security experts, the following measures can be taken to avoid threats like Black Basta:

Beware of fake IT Help Desk emails: Ignore any unknown email or Microsoft Teams request. Check the address of the email sender and confirm whether it is from a trusted source or not.

Do not give remote desktop access: Do not give remote access to any unknown person. If it is necessary, give access only after confirmation.

Keep security software and systems updated: Use good antivirus and anti-malware software on your PC and keep updating your system from time to time.

Make employees aware of security: Companies should tell their employees about the measures to avoid such cyber threats and make them aware.

Conclusion

The emergence of hacking groups like Black Basta shows that cyber criminals are constantly adopting new methods. Therefore, companies and their employees have to be alert and learn to identify such fake IT Help Desk requests. By following small cyber security precautions, these threats can be avoided and the security of companies' data can be ensured.