Black Basta is a ransomware group that emerged in April 2022 and operates as a Ransomware-as-a-Service (RaaS) group. They specialize in double-extortion tactics and employ a range of sophisticated tools, including the Qakbot trojan and the PrintNightmare exploit.
Black Basta has a targeted focus on organizations in English-speaking countries, particularly the United States. They use a variety of infiltration methods, including PowerShell scripts and third-party tools like Netcat, to compromise systems and escalate privileges.