8Base ransomware attacks surge in recent campaigns

July 3, 2023

Researchers observed a surge of 8Base ransomware attacks that have successfully evaded security detections for over a year. The investigation claimed that the attacks peaked during May and last month.

Based on reports, the operators of the ransomware group self-identify as simple pen-testers that commonly try to penetrate targeted entities. The group has been allegedly active since at least March of last year.

 

A recent study showed that the 8Base ransomware group is behind numerous attacks.

 

According to an investigation last month, the 8Base ransomware group is responsible for nearly 70 campaigns worldwide. Its most prioritised targets came from the manufacturing, business services, and construction sectors.

Most of these companies came from the United States and Brazil, implying that the group focuses on those regions.

In addition, threat analysts discovered that the group increased their attacks in June after adopting a double extortion strategy that gave them more leverage against their victims.

The group’s affiliate dark web extortion site has published a list of 35 new victims. In other instances, the ransomware operators have also disclosed several victims simultaneously, with reported incidents of up to six organisations falling victim to their cybercriminal operations.

Researchers hold different opinions about 8Base’s affiliates. Some said that the group is a rebrand of the notorious RansomHouse gang. 8Base allegedly includes ransom notes and content in its leak sites that overlap with those of RansomHouse. The only difference is that the RansomHouse group openly endorses its partnership with other malicious groups, while 8Base does not.

Other researchers also believe that the Phobos ransomware has a connection with the 8Base group since they have utilised the ‘8[.]base’ file extension in their recent attacks.

Therefore, the cybersecurity community is split as to whether 8Base is from RansomHouse or Phobos.

This speculation allowed experts and threat analysts to claim that 8Base is a severe threat as it appears to be a reliable affiliate to multiple threat groups. The ransomware operators have displayed a high level of sophistication that could be detrimental to the safety of smaller businesses globally.
