Cybercriminal group Black Basta has reportedly teamed up with the evolving information stealing trojan known as Qbot. The cyber threat group utilized the trojan to move laterally on a network in a recent attack, according to researchers. Qbot has been around for 14 years, but has undergone many significant developments since its emergence. The malware helped the hackers to maintain persistence on a targeted network during the attack. Black Basta is much more recent, and its first known attack was in April.
Black Basta formerly leveraged Qakbot to maintain presence on the network, but has seemed to shift its tactics. Qbot boasts a variety of capabilities, including exfiltrating cookies, keylogging, lifting banking details, and stealing credentials. The sophisticated malware is also equipped with detection evasion and phishing capabilities such as email hijacking. Black Basta is a new actor in the hacking field, as its first reports of an attack occurred just a few months ago. Black Basta reportedly utilizes what is called a double-extortion attack in which data is first exfiltrated then ransomware deployed.
Read More: Black Basta Ransomware Teams Up with Malware Stalwart Qbot