Showing posts from February, 2025

BlackBasta Leaks: Lessons from the Ascension Health attack

The BlackBasta ransomware group’s leaked chat logs have already proven to be another unique and fascinating opportunity for researchers to better understand the internal operations of a Russia-based organised cybercrime enterprise. These leaks followed a major leak of Conti chat logs in 2022, which also proved to be a treasure trove of intelligence on the cybercrime enterprise. The BlackBasta gang consists of former Conti ransomware members, and it should come as no surprise that their operations are similar in nature and structure. Ransomware researchers now have several valuable resources for conducting investigations. These include ransomware.live, which contains several resources including ransomch.at, a collection of negotiation chats between ransomware gangs and their victims, as well as the ransomware tool matrix and ransomware vulnerability matrix. These resources allow researchers to gain a deep understanding of the capabilities and motivations of these ransomware gangs. However, leaked...