• Home
  • News
  • 8Base Ransomware Infects 4 More

8Base Ransomware Infects 4 More

Miklos Zoltan

By Miklos Zoltan . 29 February 2024

Founder - Privacy Affairs

Alex Popa

Fact-Checked this

8Base published evidence regarding 4 new ransomware operations, this time spanning across 4 countries: Austria, Singapore, Italy, and Saudi Arabia. All of the victims have time until the 6th of March to finalize negotiations.

  • The four victims have not commented on the event, but they are expected to in the coming period
  • It’s notable that 8Base gave the victims until the 6th to contact them and finalize negotiations; the deadline is usually no longer than 48 hours in most other cases
  • While we don’t know specifics about the attacks, the standard presumption is that 8Base used its trademark multi-extortion technique
  • Despite being relatively new, 8Base has gained a scary reputation in a relatively short time span

Ransomware attacks have been on the rise recently, with the FBI announcing that in the last 30 days recorded over 450 attacks worldwide. Most of these attacks were conducted by veteran actors, but some have been novel entities at the start of their kill streak.

8Base isn’t either, but it’s closer to the veteran status. The organization hit the public sphere in Q1 of 2023, and it didn’t take long until it caught the eyes of law enforcement agencies. Despite the intense scrutiny, 8Base seems unaffected.

X showing the 8BASE attack on the 4 victims
https://twitter.com/FalconFeedsio/status/1762757027011735893

The fact that 8Base managed to infiltrate 4 targets from 4 different countries at the same time is proof of the organization’s resourcefulness. 8Base tends to focus on high-value organizations, whether they come from the public or private sector.

The goal is to extort as much money as possible, which is why the group prioritizes the business sector above all else. And, as expected, most victims come from the US.

What You May Not Know About 8Base

The organization became visible in the public sphere at the beginning of 2023, but that’s not when it was born. Investigation groups have identified trace activities associated with 8Base in 2022 as well.

The problem is that those were small campaigns that didn’t exactly hit the public conscience. It took several months until the organization grew strong enough to make a meaningful impact.

There are several key points that recommend 8Base as a formidable and scary organization:

  • The code and tactic similarities to more dangerous groups like Phobos, RansomHouse, and Hive
  • The double-extortion tactic that always increases the value of the ransom
  • Their disciplined code of conduct and the preparation that goes into the cybercriminal operations

It’s also important to note that 8Base relies on knowledgeable and proficient experts during these intrusions. They’re not a band of clueless and lucky nobodies.

Finally, 8Base’s most notable feature is its unpredictability. While the group does have its attack patterns, they are largely unpredictable. They attack victims from different industries, sometimes in bulk, and use different infiltration tactics.

They are also very well equipped for tackling the most advanced defense systems. This means that if you want to protect your business from cybercriminal entities like 8Base, you need to rely on the experts.

Rely on cybersecurity professionals to boost your defenses and train your personnel on how to identify and avoid phishing attempts. Anything less than that will paint a target on your business’s name.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment