Photo credit: arstechnica.com

Internal Divisions Uncovered in Black Basta Organization

A recent analysis of Russian-language documents has revealed significant internal conflicts within the notorious Black Basta hacking group, particularly following the arrest of one of its key leaders. These divisions are reportedly worsening, increasing the risk that other members may be apprehended.

According to experts, tensions appear to be escalating between the group’s current leader, Oleg Nefedov, and his associates. Key points of contention have arisen around decisions made by Nefedov, such as his controversial choice to target a Russian bank, which inadvertently placed Black Basta under the scrutiny of Russian law enforcement.

As a researcher from Prodraft noted, “The personal financial motivations of Oleg, the group’s head, largely influence operational decisions, often at the expense of the team’s safety and interests.” The researcher further highlighted that under Nefedov’s leadership, a coordinated attack against the infrastructure of several Russian banks took place, seemingly without any repercussions from law enforcement—a situation that could generate significant backlash from these authorities.

The leaked information also brought to light details about various group members, including two administrators known as Lapa and YY, along with Cortes, who is linked to the Qakbot ransomware organization. Additionally, over 350 unique links extracted from ZoomInfo, a well-known data service, have been released, showcasing how Black Basta associates utilized this resource to gather intelligence on their targets.

In a response to these findings, cybersecurity firm Hudson Rock has incorporated the chat logs into ChatGPT, developing a tool named BlackBastaGPT. This initiative aims to assist researchers in studying and understanding the operational dynamics of the Black Basta group.

Source
arstechnica.com