UPDATES
3
4
1
3
4
threat
UPDATES
3
RUSSIA
Black Basta, a notorious ransomware group with ties to the
Ryuk and Conti criminal enterprises, was recently exposed following the leak of its Matrix chat server on a Telegram channel. The server, hosted on the domain bestflowers247 [.] online, was revealed by a user known as ExploitWhispers. The leaked files, formatted as JSON documents, include timestamps, sender and recipient details, thread IDs and message content. This data offers actionable intelligence into the group’ s operations and helps identify key accounts and domains used by its members.
The chat logs not only uncover Black Basta’ s internal communications but also offer a window into the wider ransomware ecosystem. Gaining insight into how the group operates within this landscape reveals its scale and capabilities. One method of assessing its impact is by analysing cryptocurrency transactions linked to the group’ s activities.
4
JAPAN
Japanese regulators have issued an urgent warning following hundreds of millions of dollars in unauthorised trades conducted via hacked brokerage accounts.
Japan’ s Financial Services Agency( FSA) reported a sharp rise in cases of unauthorised access and trading through online brokerage platforms.
According to the agency, the surge is linked to stolen customer credentials obtained through phishing websites designed to mimic legitimate securities firms.
As of April 16, the FSA confirmed that 12 securities companies had reported fraudulent transactions, with sales totalling approximately US $ 350 million and purchases around US $ 315 million.
“ There are various types of fraudulent transactions, but in most cases, the fraudsters gain unauthorised access to victim accounts and manipulate them to sell stocks etc. in the accounts, and use the proceeds to buy Chinese stocks etc,” officials explained.
“ As a result of the fraudulent transactions, the Chinese stocks etc. remain in the victim accounts.”
1
3
4
WWW. INTELLIGENTCISO. COM 25