"Dozens of Businesses Hit Recently by ‘8Base’ Ransomware Gang"
According to security researchers at VMware, a ransomware gang named 8Base was the second most active group in June 2023. 8Base has been active since March 2022 and mainly focused on small businesses. The researchers noted that the group engages in double extortion tactics, publicly naming and shaming victims to compel them to pay the ransom. To date, the 8Base gang has hit approximately 80 organizations across sectors such as automotive, business services, construction, finance, healthcare, hospitality, IT, manufacturing, and real estate. While analyzing the group’s activity, the researchers identified a resemblance with another relatively unknown ransomware gang, RansomHouse, which is known for purchasing leaked data and then extorting companies for money. According to the researchers, similarities were found in communication style and ransom notes, with the leak sites of the groups using nearly identical language, albeit different visuals. The main difference between the two groups is the fact that, while RansomHouse is openly recruiting for partners, 8Base is not. 8Base was seen using ransom notes that match both RansomHouse and Phobos. The researchers noted that it is possible that 8Base has used different types of ransomware as part of its normal operation. Whether 8Base is an offshoot of Phobos or RansomHouse remains to be seen.
SecurityWeek reports: "Dozens of Businesses Hit Recently by ‘8Base’ Ransomware Gang"