• Home
  • News
  • 8Base Ransomware Breaches C&J Industries

8Base Ransomware Breaches C&J Industries

Miklos Zoltan

By Miklos Zoltan . 23 February 2024

Founder - Privacy Affairs

Alex Popa

Fact-Checked this

8Base ransomware announced an extensive operation against a US-based company, C&J Industries. This provider specializes in injection molding and the manufacturing of precision plastic components.

  • 8Base is a relatively new ransomware actor that presents suspicious code similarities to other cybercriminal rings like Phobos and Hive
  • It’s unclear whether the victims paid the ransom or they simply decided to ignore their attackers
  • 8Base operators always leave their contact details behind, guiding the victims on how to reach them for negotiations
  • 8Base’s preferred methods of attacks include phishing emails and the use of IABs (Initial Access Brokers)

The victims have refused to comment on the recent breach and 8Base didn’t provide sufficient information regarding the effectiveness of the attack. However, it is safe to assume that they have managed to steal important data that they’re now holding for ransom.

8Base is a relatively new ransomware entity, dating back to early 2023, when it started operating on a higher scale. Some investigations have revealed smaller operations throughout 2022 that they attributed to 8Base.

This shows that 8Base may be older and more versatile than previously thought.

X showing the 8BASE attack on C&H Industries
https://twitter.com/FalconFeedsio/status/1760929989527220532

This recent attack is part of a growing and worrying trend of cybercriminal activities throughout the world. According to the latest statistics, the last 30 days have recorded over 364 ransomware attacks, with 94 of them being attributed to Lockbit 3.0.

Hunters International comes second with 29 hits, and 8Base occupies the third position with 28. This shows that, despite its relatively low activity and innocuous profile, 8Base is still one of the most dangerous ransomware actors in the world.

Why Everybody Should Fear 8Base

8Base has been in the industry for close to 2 years and suffered several changes along the way. The extortion ring became visibly more powerful and influential with time, unleashing its true potential in early 2023.

Since then, the group often produces at least one victim per day, especially in its most active months. But what makes 8Base so dangerous isn’t necessarily its high aggression, but rather its tendency to self-improve and adapt.

This has become evident over time, as experts have identified similarities between 8Base’s code and tactics and other high-profile cybercriminal rings. These include the defunct Hive, Phobos, and RansomHouse.

This isn’t necessarily evidence that 8Base is actually related to all those entities, but can be evidence that the organization learned from them. The theory is that 8Base operators took whatever they found useful in these now defunct groups to grow.

This showcases 8Base’s predilection for staying on top of their game and always performing at the highest standard. Lockbit has embraced the exact same mindset, which is why it currently ranks as the most prolific ransomware ring in the world.

When it comes to its attack pattern, 8Base prefers US-based targets and primarily lurks in industries like finance, manufacturing, and healthcare. That being said, the group will always prioritize high-value targets with a high revenue and, preferably, low security.

If you’re among the latter, the advice is to work with cybersecurity experts to improve your defenses against any type of cybernetic threat.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Leave a Comment