Published 3 days ago • loading... • Updated 3 days ago

Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks

Summary by The Hacker News

Former members tied to the Black Basta ransomware operation have been observed sticking to their tried-and-tested approach of email bombing and Microsoft Teams phishing to establish persistent access to target networks. "Recently, attackers have introduced Python script execution alongside these techniques, using cURL requests to fetch and deploy malicious payloads," ReliaQuest said in a report

This story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.

11 Articles

All

Left

Center

Right

IT Brief Australia

+8 Reposted by 8 other sources

ReliaQuest details Black Basta’s legacy & rise of Teams phishing

ReliaQuest reveals Black Basta’s fall and warns former affiliates persist with Teams phishing and Python-enabled ransomware tactics post-February 2025.

3 days ago

Read Full Article

it-daily.net

Former Black Basta Members Use Microsoft Teams and Python Scripts

Former players who were previously attributed to the ransomware group Black Basta continue their activities with well-known methods – including email bombings and phishing via Microsoft teams. However, security researchers from ReliaQuest found that attackers are increasingly combining these techniques with Python scripts to specifically reload and execute malware via cURL requests. This further development suggests that, despite internal setbac…

3 days ago

Read Full Article