Black Basta ransomware is the newest ransomware group targeting large corporations, the group emerged in April, and has already left at least 12 known victims.
Black Basta acts with the tactic of double extortion. Before encrypting the files, the group copies them and sends them to a remote server. This tactic is extremely damaging to the victims, because not only are they pressured to pay the ransom to decrypt the files, but they are also threatened with the leak of the data.
The group maintains two sites to expose their victims’ files, the Black Basta Blog and the Basta News Tor. There is still little information about the group, it appears that it is a closed group that does not operate with RaaS (Ransomware a as Service) tactics.
After taking control of the victim’s system and encrypting the files, the group changes the wallpaper to display the following message: “Your network is encrypted by the Black Basta group. Instructions in the readme.txt file.” In all encrypted folders the readme.txt file is left. It is added to all files inscribed with the extension .basta.
Recover Files Encrypted by Ransomware Black Basta
Digital Recovery specializes in recovering data encrypted by ransomware, with over 23 years of experience in the data recovery market.
Our experts have developed unique solutions to recover encrypted files, we have exclusive technologies for this purpose, this puts us at the forefront of data recovery.
We can recover data encrypted on HD, SSD, Database, Servers, Storages (NAS, DAS, SAN), RAID System, Virtual Machines, among others. Our labs have 24×7 availability, and when recovering in emergency mode, we can recover remotely anywhere in the world.
We provide all of our clients with a confidentiality agreement (NDA).
Contact us and start recovering your encrypted data right now.
