
Trend Micro Warns of Sophisticated Black Basta & Cactus Ransomware Attacks

Stealthy malware and social engineering tactics used. Manufacturing sector urged to bolster cybersecurity.


Cybersecurity firm Trend Micro has exposed a sophisticated cyber-attack involving the Black Basta and Cactus ransomware groups. The attack, which has primarily targeted North America, particularly the US, since October 2024, has resulted in significant financial losses for victims, with the manufacturing sector being the hardest hit.

The attack, which began in 2023, has seen Black Basta extort over $107 million from victims. The cybercriminals employ a stealthy infostealer malware that grants them persistent control over compromised machines, enabling them to steal sensitive data. They use social engineering techniques to gain initial access, use Microsoft Teams for impersonation, and abuse Quick Assist to escalate privileges.

The BackConnect malware, linked to QakBot and previously used by Black Basta, is deployed to maintain control over infected systems. This malware is used to sideload malicious DLLs, providing attackers with network access. Both Black Basta and Cactus ransomware actors have deployed this malware, enabling them to execute commands remotely, steal credentials, and exfiltrate financial data. Malicious files are hosted using commercial cloud storage services.

Trend Micro analysts have attributed these activities to the group known as Storm-0501, which is shifting tactics from traditional endpoint ransomware to cloud-based ransomware operations.

Organizations are urged to strengthen their cybersecurity measures in response to these evolving threats. This includes bolstering authentication measures, restricting the use of remote access tools, regularly auditing cloud storage configurations, monitoring network traffic, and educating employees on social engineering tactics. The concentrated nature of these attacks in North America, particularly the US, underscores the importance of these precautions.
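As an added illustration of the monitoring advice above (this is example code, not anything from Trend Micro's report), the following Python sketch runs two simple detection rules over a few constructed Sysmon-style JSON log lines: a signed program loading an unsigned DLL from a user-writable directory (the DLL sideloading pattern described above), and a restricted remote-access tool such as Quick Assist launched by an account outside a hypothetical help-desk allow-list. The field names, file paths, account names and the tool list are assumptions chosen for the example.

```python
import json
import re
from pathlib import PureWindowsPath

# Directories an ordinary user can write to. A signed program installed
# elsewhere that loads an unsigned DLL from one of these is the classic
# sideloading pattern. (Assumed list; extend for your environment.)
USER_WRITABLE = re.compile(
    r"^c:\\(users\\[^\\]+\\appdata\\|users\\public\\|programdata\\|windows\\temp\\)",
    re.IGNORECASE,
)

# Remote-access tools the hypothetical policy restricts to help-desk accounts.
RESTRICTED_TOOLS = {"quickassist.exe", "anydesk.exe", "teamviewer.exe"}
HELPDESK_ACCOUNTS = {"corp\\helpdesk-svc"}

# Constructed sample telemetry (one JSON object per line); not real data.
SAMPLE_LOG = r"""
{"event": "image_load", "user": "corp\\alice", "image": "C:\\Program Files\\Vendor\\app.exe", "image_signed": true, "loaded": "C:\\Users\\alice\\AppData\\Local\\Temp\\version.dll", "loaded_signed": false}
{"event": "image_load", "user": "corp\\alice", "image": "C:\\Windows\\System32\\svchost.exe", "image_signed": true, "loaded": "C:\\Windows\\System32\\ntdll.dll", "loaded_signed": true}
{"event": "image_load", "user": "corp\\bob", "image": "C:\\Users\\bob\\AppData\\Local\\Temp\\setup.exe", "image_signed": false, "loaded": "C:\\Users\\bob\\AppData\\Local\\Temp\\helper.dll", "loaded_signed": false}
{"event": "process_create", "user": "corp\\alice", "image": "C:\\Windows\\System32\\quickassist.exe", "image_signed": true}
{"event": "process_create", "user": "corp\\helpdesk-svc", "image": "C:\\Windows\\System32\\quickassist.exe", "image_signed": true}
{"event": "process_create", "user": "corp\\alice", "image": "C:\\Windows\\System32\\notepad.exe", "image_signed": true}
"""


def parse_events(text):
    """Parse newline-delimited JSON into a list of event dicts, skipping blanks."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def is_user_writable(path):
    return bool(USER_WRITABLE.match(path))


def is_sideload(ev):
    """Signed host outside a user-writable dir loads an unsigned DLL from one.

    An unsigned host running from Temp (event 3 in the sample) is a different
    signal and is deliberately not matched here, so the rule stays precise.
    """
    if ev["event"] != "image_load":
        return False
    return (
        ev["image_signed"]
        and not is_user_writable(ev["image"])
        and is_user_writable(ev["loaded"])
        and not ev["loaded_signed"]
    )


def is_unapproved_remote_tool(ev):
    """Restricted remote-access tool started by a non-help-desk account."""
    if ev["event"] != "process_create":
        return False
    name = PureWindowsPath(ev["image"]).name.lower()
    return name in RESTRICTED_TOOLS and ev["user"].lower() not in HELPDESK_ACCOUNTS


def scan(text):
    """Return (rule, user, path) tuples for every event that trips a rule."""
    findings = []
    for ev in parse_events(text):
        if is_sideload(ev):
            findings.append(("dll_sideload", ev["user"], ev["loaded"]))
        elif is_unapproved_remote_tool(ev):
            findings.append(("unapproved_remote_tool", ev["user"], ev["image"]))
    return findings


if __name__ == "__main__":
    for rule, user, path in scan(SAMPLE_LOG):
        print(f"{rule:24} {user:18} {path}")
```

Run as-is, the script reports two findings from the sample: the unsigned `version.dll` loaded from alice's Temp directory by a signed vendor binary, and alice (not on the help-desk allow-list) launching Quick Assist. The help-desk account's Quick Assist launch and the ordinary system DLL load are left alone, which is the point of pairing a path heuristic with an allow-list rather than alerting on every remote-access tool.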
