Black Basta Posts Details on Its Leak Site


British musical instrument manufacturing giant Marshall Amplification was allegedly breached by the Black Basta ransomware group. In a tweet, security researcher Dominic Alvieri posted about the Marshall hack. He further shared screenshots of the details posted on the leak site of the Black Basta ransomware group to The Cyber Express.

To confirm the Marshall hacking incident, The Cyber Express reached out to the company and is yet to receive a response from them.

Marshall hacked
Screenshot of the Black Basta leak site (Photo: Dominic Alvieri/ Twitter)

Marshall hacked by Black Basta ransomware group

Though Black Basta ransomware group claimed the data breach, the British company is yet to acknowledge the incident or release an official statement whether or not Marshall was hacked.

Moreover, despite the claim by the ransomware group, no details about its impact, data leak or a ransom demand have been shared.

Marshall Amplification is headquartered in Milton Keynes, United Kingdom, and was founded in 1962.

After the alleged Marshall hacking, the Black Basta ransomware group posted screenshots on its blog. They also posted the names of law firm Rudman Winchell, electric services company ACEA Energia, and real estate investment trust VORNADO alongside the alleged Marshall data breach post.

Dominic informed The Cyber Express that the Black Basta ransomware group was likely to add more details related to the breached data.

Marshall Hacked, Marshall data breach, Black Basta ransomware group
Screenshot of the targets named by the Black Basta ransomware group (Photo: Dominic Alvieri)

Modus Operandi of the Black Basta ransomware group

The Black Basta ransomware group has been active since April 2022 and has targeted companies across the globe in a short span of time right from the point it was discovered. A 2022 news report revealed that the Black Basta breached over 12 companies in a matter of weeks.

The group breaches systems using vulnerable remote desktop protocol configuration and phishing links. The links contain malicious downloads that when installed lead to security breaches among other online damages.

 

Marshall hacked
(Photo: DXC Technology)

According to reports, the Black Basta ransomware group drops a ransom note titled readme.txt and appends the encrypted data with a .basta extension. The targets are asked to contact its operators for the decryption of the files using this Tor address: hxxps://aazsbsgya565vlu2c6bzy6yfiebkcbtvvcytvolt33s77xypi7nypxyd[.]onion:80/

Users would be asked to pass the captcha request on this URL and to note the company id to decrypt the encrypted files. The ‘Chat Black Basta’ Tor negotiation site allows using a login page with a chatting option for targets to negotiate post a security breach.

Ransomware specialist Michael Gillespie noted that the Black Basta encrypts data using the ChaCha20 algorithm via the executable’s public RSA-4096 key.

Can wireless speakers be hacked?

The incident highlights the security of wired and wireless speakers, as well. In fact, wireless speakers can potentially be hacked if they are not properly secured. Wireless speakers rely on a wireless connection to communicate with other devices, such as smartphones or computers, and this connection can be intercepted by hackers.

Some common ways that wireless speakers can be hacked include:

  • Bluetooth hacking: Bluetooth is a common wireless technology used by many wireless speakers, and it can be vulnerable to hacking if the connection is not properly secured.
  • Wi-Fi hacking: Some wireless speakers also use Wi-Fi to connect to other devices, and if the Wi-Fi network is not secured, it can be vulnerable to hacking.
  • Firmware vulnerabilities: Like any other electronic device, wireless speakers have firmware that can be vulnerable to security flaws that can be exploited by hackers.





Source link