8Base Ransomware Hits 4 Across the US and Singapore

By Bogdan Pătru . 8 April 2024

Tech Writer

Fact-Checked this

8Base hackers announced 4 victims in a recent ransomware attack. Three are located in the US, while the other is from Singapore. The hackers posted a short summary of each victim, along with a 4-day deadline until the stolen data leaked publicly.

8Base first appeared publicly in May 2023 but managed to gain global notoriety in less than a year
The hackers advertise themselves as public servants, as they (supposedly) only target companies that lack proper cyber defenses
8Base showcased the increased level of activity toward the end of 2023, and the trend seems to continue in 2024
None of the victims have commented on the recent events, and it’s unclear if they’ve decided to negotiate with the attackers

Ransomware attacks have increased in intensity considerably over the past year, with several notable organizations coming out almost overnight. Some specialize strictly in ransomware attacks, while others, like Stormous, also get involved in politics.

Ransomware attacks are notoriously damaging, whether the victim pays the ransom or not. Especially if it pays the ransom, which is rather counterintuitive. Cybersecurity experts warn that negotiating with the hackers is never meant to produce anything positive.

That’s because most ransomware actors won’t delete the stolen data anyway. Instead, they will keep it for themselves or sell it to other cybercriminal gangs. This explains why some targets are infiltrated multiple times following the first breach.

X showing the 8BASE attack on the four victims — https://twitter.com/FalconFeedsio/status/1777328039510343948

The best move is to ignore the hackers and work on improving your cybersecurity to prevent such attacks from ever reoccurring. It’s also important to note that many ransomware programs leave open “doorways” into the victim’s system.

This allows the hackers to spy and infiltrate the same victim a lot easier at a later date. These vulnerable hotspots are difficult to identify, which is why it’s always wise to work with cybersecurity experts to clean your system and reinforce it properly.

How 8Base Gang Operates

8Base has had a slow beginning but caught wind fast. The gang expanded its reach quickly, managing to hit multiple low and medium-level organizations across the world. They don’t typically coordinate their strikes to infiltrate multiple targets at the same time, though.

This makes this recent operation a bit unusual, as it resulted in 4 victims spread between 2 countries.

8Base appears to be an advanced ransomware actor that values stealth and clean-cut infiltrations. They cover their tracks quite effectively and rely on a Ransom-as-a-Service model (RaaS).

This allows them to use affiliates to conduct profitable operations without exposing themselves in the process.

While 8Base operators have produced victims in a variety of industries, they seem to prioritize the business sector. The “why” part is no surprise, given that the hackers are exclusively motivated by financial gains.

That being said, 8Base operators always follow the money wherever it might lead them. As the recent data shows, 8Base has targeted several industries, including healthcare, education, finance, and manufacturing.

If you believe you fit the profile of the perfect 8Base victim, it might be time to have a chat with your preferred cybersecurity professional.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Author, Creative Writer, and Tech-Geek Bogdan has followed his passion for the digital world ever since he got his hands on his first PC. After years of accumulating knowledge and experience, the good Samaritan in him whispered to him one day about the virtue of sharing that knowledge with those who needed it. It was in 2014 when that idea would grow into a life-defining passion. One that keeps driving him to this day.

Cookie	Duration	Description
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	1 year	The GDPR Cookie Consent plugin sets the cookie to store whether or not the user has consented to use cookies. It does not store any personal data.
wpEmojiSettingsSupports	session	WordPress sets this cookie when a user interacts with emojis on a WordPress site. It helps determine if the user's browser can display emojis properly.

Cookie	Duration	Description
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gat_UA-*	1 minute	Google Analytics sets this cookie for user behaviour tracking.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
_omappvp	1 year 1 month 4 days	The _omappvp cookie is set to distinguish new and returning users and is used in conjunction with _omappvs cookie.
_omappvs	20 minutes	The _omappvs cookie, used in conjunction with the _omappvp cookies, is used to determine if the visitor has visited the website before, or if it is a new visitor.

8Base Ransomware Hits 4 Across the US and Singapore

How 8Base Gang Operates

Our Mission

Bogdan Pătru

Leave a Comment Cancel