Ransomware Black Basta

Black Basta ransomware is the newest ransomware group targeting large corporations, the group emerged in April, and has already left at least 12 known victims.

Black Basta acts with the tactic of double extortion. Before encrypting files, the group copies them and sends them to a remote server. This tactic is extremely damaging to the victims as, in addition to being pressured to pay the ransom to decrypt the files, they are also threatened with data leakage.

The group maintains two websites to expose their victims’ files, the Black Basta Blog and Basta News Tor. There is still little information about the group, it seems that it is a closed group that does not operate with RaaS (Ransomware a as Service) tactics.

After taking control of the victim’s system and encrypting the files, the group changes the wallpaper to display the following message: “Your network is encrypted by the Black Basta group. Instructions in the readme.txt file.” In all encrypted folders the readme.txt file is left. It is added in all the files inscribed with the extension .basta.

Recover Files Encrypted by Black Basta Ransomware

Digital Recovery specialises in recovering data encrypted by ransomware, with over 23 years of experience in the data recovery market.

Our experts have developed unique solutions to recover encrypted files, we have exclusive technologies for this purpose, this puts us at the forefront of data recovery.

Our solutions have been developed based on the General Data Protection Regulation (GDPR), so that there is full security for both parties.

We can recover data encrypted in HD, SSD, Database, Servers, Storages (NAS, DAS, SAN), RAID System, Virtual Machines, among others. Our labs have 24×7 availability, in emergency recovery mode, we can make remote recovery anywhere in the world.

We provide to all our customers the confidentiality agreement (NDA).

Contact us and start right now the recovery of your encrypted data.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts

Ransomware AtomSilo

AtomSilo Ransomware

The AtomSilo ransomware emerged in September 2021, the group acts a little differently than other ransomware groups, the ransom amount is fixed, $1 million is

Khonsari Ransomware

Khonsari Ransomware

The Khonsari ransomware was the first group to exploit known Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046), the group has focused its attacks on Windows servers that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.