Ransomware, Threat Management, Endpoint/Device Security

Black Basta hits Swedish-Swiss firm ABB

Major Swedish-Swiss multinational automation technology firm ABB had its operations reportedly disrupted by a Black Basta ransomware attack against its Windows Active Directory on May 7, BleepingComputer reports. Hundreds of ABB's devices were noted by employees to have been impacted by the attack, prompting the company to sever VPN connections with its clients in an effort to avert further ransomware infections. Double-extortion attacks against corporate targets have been the specialty of Black Basta, which has been associated with the FIN7 hacking group, since its emergence in April 2022. Black Basta has also sought to continuously bolster its operations, with a collaboration with the QBot malware operation by June 2022 to facilitate Cobalt Strike deployment, as well as the development of a Linux encryptor for attacks against VMware ESXi virtual machines on Linux. Recent victims of the ransomware gang include major UK outsourcing firm Capita, the American Dental Association, and Knauf.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.