The Black Basta ransomware group, potentially linked to the notorious Russian hacker group Conti, has reportedly amassed over $100 million through illicit activities since its inception last year. This information comes from a comprehensive research report released on Wednesday by digital currency tracking service Elliptic and Corvus Insurance.
The report details how Black Basta, a formidable name in the cybercrime world, compelled its victims to pay a staggering sum of at least $107 million, predominantly in Bitcoin. A significant portion of these laundered ransom payments was traced to Garantex, a Russian cryptocurrency exchange currently under sanctions.
Tom Robinson, the co-founder of Elliptic, shed light on the meticulous process researchers employed to track the digital currency flow. This tracking enabled the identification of additional payments, offering a clearer picture of the group’s extensive criminal operations.
Further insights from the Elliptic-Corvus report reveal intriguing connections between Black Basta and a now-defunct Russian criminal organization, hinting at a deeper web of cybercriminal activities. Conti, previously recognized as one of the leading cyber extortion gangs, ceased operations following a series of unsuccessful data leaks and the launch of Russia’s full-scale military operation in Ukraine. This was compounded by Washington’s announcement of a reward for information leading to the capture of Conti’s leaders.
Researchers have long speculated that the dissolution of Conti led to the formation of smaller splinter groups. Robinson suggests that Black Basta is likely one of these offshoots, continuing the legacy of cyber extortion and financial theft.
This development underscores the evolving and increasingly sophisticated nature of cybercrime, particularly in the realm of ransomware. It also highlights the challenges faced by global law enforcement agencies in tracking and combating these decentralized and often elusive cybercriminal networks. As digital currencies continue to play a pivotal role in these activities, the need for advanced tracking and regulatory measures becomes ever more critical.