Black Basta ransomware is the newest ransomware group targeting large corporations, the group emerged in April, and has already left at least 12 known victims.
Black Basta acts with the tactic of double extortion. Before encrypting files, the group copies them and sends them to a remote server. This tactic is extremely damaging to the victims as, in addition to being pressured to pay the ransom to decrypt the files, they are also threatened with data leakage.
The group maintains two websites to expose their victims’ files, the Black Basta Blog and Basta News Tor. There is still little information about the group, it seems that it is a closed group that does not operate with RaaS (Ransomware a as Service) tactics.
After taking control of the victim’s system and encrypting the files, the group changes the wallpaper to display the following message: “Your network is encrypted by the Black Basta group. Instructions in the readme.txt file.” In all encrypted folders the readme.txt file is left. It is added in all the files inscribed with the extension .basta.
Recover Files Encrypted by Black Basta Ransomware
Digital Recovery specialises in recovering data encrypted by ransomware, with over 23 years of experience in the data recovery market.
Our experts have developed unique solutions to recover encrypted files, we have exclusive technologies for this purpose, this puts us at the forefront of data recovery.
Our solutions have been developed based on the General Data Protection Regulation (GDPR), so that there is full security for both parties.
We can recover data encrypted in HD, SSD, Database, Servers, Storages (NAS, DAS, SAN), RAID System, Virtual Machines, among others. Our labs have 24×7 availability, in emergency recovery mode, we can make remote recovery anywhere in the world.
We provide to all our customers the confidentiality agreement (NDA).
Contact us and start right now the recovery of your encrypted data.