Former Black Basta Affiliates Launch Fast-Scale Intrusion Campaign Targeting Senior Executives
A group of former affiliates of the Black Basta ransomware group has initiated a fast-scale intrusion campaign targeting senior executives across various organizations. According to ReliaQuest, the campaign involves social engineering tactics such as mass email bombing and impersonation on Microsoft Teams help desks. The attackers aim to gain privileged access to network systems for potential data theft, extortion, and ransomware deployment. The campaign, which surged last month, has primarily targeted executives, directors, and managers, leveraging remote access tools and focusing on sectors historically favored by Black Basta. The group’s operations follow a playbook similar to previous Black Basta activities, suggesting experienced operators are involved. 
