Ransomware groups have always created problems for their victims that only they could solve. Black Basta is taking that core idea in a creative, new direction.

A new Black Basta campaign is annoying victims into submission with onslaughts of spam emails and fake customer service representatives who trick them into downloading malware.

The news comes against the backdrop of a fresh joint cybersecurity advisory from the FBI, Cybersecurity and Infrastructure Security Agency (CISA), Department of Health and Human Services (HHS), and Multi-State Information Sharing and Analysis Center (MS-ISAC), warning about Black Basta’s prolific attacks against critical infrastructure. The ransomware-as-a-service (RaaS) operation, the government says, typically uses spearphishing and software vulnerabilities to gain initial access to sensitive and high-value organizations.

But now, at least one prong of the Black Basta operation is taking a new approach. Instead of such incisive, targeted breaches, researchers from Rapid7 observed it sending gobs of spam emails to victims, only to then call them offering help. When victims accept the help, the intrusion commences...