Black Basta Leaks Highlight Phishing, Google Takeover Risks

Leaked data from the defunct Black Basta ransomware group highlights the group’s focus on phishing and Microsoft Teams attacks. The group’s leader, Oleg Nefedov, directed employees to connect with or emulate members of the Exploit cybercrime forum, who specialized in Microsoft Teams zero-days, brute-forcing, and Google account phishing. The leaked chats also reveal Nefedov’s connections to other ransomware groups like 3AM, Cactus, and Blacklock, suggesting a continued threat from Black Basta’s former affiliates.