Leaked Black Basta Chat Logs Reveal Ransomware Gang’s Secrets

A massive trove of internal chat logs from the notorious Black Basta ransomware group has surfaced online, exposing key members, unreported victims, and operational tactics of this Russia-linked cybercrime syndicate.

Key Revelations from the Leak

  • 200,000+ messages spanning September 2023 to September 2024
  • Shared with threat intelligence firm Prodaft by a leaker using the alias “ExploitWhispers”
  • Leak reportedly stems from internal conflicts over failed decryption tools for paying victims

Who is Black Basta?

The U.S. government has linked this prolific Russian-language ransomware group to:

  • Hundreds of attacks on critical infrastructure and global businesses
  • High-profile victims including:
    • U.S. healthcare provider Ascension (5.6 million patients affected)
    • UK utility company Southern Water
    • British outsourcing giant Capita

Inside the Gang: Key Members Exposed

The logs identify several core operatives:

  • “YY”: Main administrator
  • “Lapa”: Key leader
  • “Cortes”: Hacker linked to Qakbot botnet
  • “Trump” (aka “AA”, “GG”): Believed to be Oleg Nefedovaka, allegedly the group’s “main boss” with ties to the defunct Conti ransomware group

Shockingly, one member reportedly claimed to be just 17 years old in the chats.

Operational Insights Revealed

The leaked data provides unprecedented visibility into Black Basta’s activities:

  • 380 unique ZoomInfo links used for target research
  • Phishing templates and exploit details
  • Cryptocurrency addresses for ransom payments
  • Victim negotiation transcripts
  • Discussions about TechCrunch coverage of their activities

Previously Unknown Targets

The logs mention several organizations not previously linked to Black Basta:

  • Failed EV startup Fisker
  • Health tech provider Cerner Corp (now Oracle-owned)
  • UK travel firm Hotelplan

Technical Exploits and Vulnerabilities

The gang discussed exploiting:

  • Citrix remote access products
  • Security flaws in Ivanti, Palo Alto Networks, and Fortinet software
  • Enterprise network devices (routers, firewalls)

Growing Internal Concerns

Messages reveal the group’s anxieties about:

  • Russian authorities cracking down due to geopolitical pressures
  • U.S. government actions, particularly after the Ascension breach
  • One member warned: “FBI and CISA are 100% obliged to get involved”

Why the Leak Occurred

The leaker claimed Black Basta “crossed the line” by targeting Russian domestic banks, prompting the exposure. At time of publication, Black Basta’s dark web leak site was offline.

This unprecedented leak provides cybersecurity professionals and law enforcement with valuable intelligence to combat one of the world’s most dangerous ransomware operations.

📚 Featured Products & Recommendations

Discover our carefully selected products that complement this article’s topics:

🛍️ Featured Product 1: GESKE Magnetic USB Cable for All SmartAppGuided™ Devices | Universal Charging Cable Beauty Devices | Replacement USB Charging Cable…

GESKE Magnetic USB Cable for All SmartAppGuided™ Devices | Universal Charging Cable Beauty Devices | Replacement USB Charging Cable… Image: Premium product showcase

High-quality geske magnetic usb cable for all smartappguided™ devices | universal charging cable beauty devices | replacement usb charging cable… offering outstanding features and dependable results for various applications.

Key Features:

  • Premium materials and construction
  • User-friendly design and operation
  • Reliable performance in various conditions
  • Comprehensive quality assurance

🔗 View Product Details & Purchase

🛍️ Featured Product 2: GH1.25 to Dupont2.54 Pre-Crimped Cables and Connectors Kit Compatible with JST GH 1.25mm for Pixhawk4 Pixhawk 6C 6X 20cm Silicone Wire…

GH1.25 to Dupont2.54 Pre-Crimped Cables and Connectors Kit Compatible with JST GH 1.25mm for Pixhawk4 Pixhawk 6C 6X 20cm Silicone Wire… Image: Premium product showcase

Advanced gh1.25 to dupont2.54 pre-crimped cables and connectors kit compatible with jst gh 1.25mm for pixhawk4 pixhawk 6c 6x 20cm silicone wire… engineered for excellence with proven reliability and outstanding results.

Key Features:

  • Cutting-edge technology integration
  • Streamlined workflow optimization
  • Heavy-duty construction for reliability
  • Expert technical support available

🔗 View Product Details & Purchase

🛍️ Featured Product 3: Getino Compatible with Fitbit Sense/Sense 2 Bands/Versa 3/ Versa 4 Bands Women Men, Soft Thin Sport Accessories, Slim Band for Fitbit Versa 3/ Ver…

Getino Compatible with Fitbit Sense/Sense 2 Bands/Versa 3/ Versa 4 Bands Women Men, Soft Thin Sport Accessories, Slim Band for Fitbit Versa 3/ Ver… Image: Premium product showcase

Advanced getino compatible with fitbit sense/sense 2 bands/versa 3/ versa 4 bands women men, soft thin sport accessories, slim band for fitbit versa 3/ ver… engineered for excellence with proven reliability and outstanding results.

Key Features:

  • Professional-grade quality standards
  • Easy setup and intuitive use
  • Durable construction for long-term value
  • Excellent customer support included

🔗 View Product Details & Purchase

💡 Need Help Choosing? Contact our expert team for personalized product recommendations!

Remaining 0% to read
All articles, information, and images displayed on this site are uploaded by registered users (some news/media content is reprinted from network cooperation media) and are for reference only. The intellectual property rights of any content uploaded or published by users through this site belong to the users or the original copyright owners. If we have infringed your copyright, please contact us and we will rectify it within three working days.