Leaked Chats Reveal Internal Turmoil in Black Basta Ransomware Group

A massive trove of internal messages exposes the gang's leadership conflicts, operational tactics, and high-profile targets.

Over 200,000 chat messages from Black Basta, spanning September 2023 to September 2024, were leaked by a user named 'ExploitWhispers' on Telegram.
The leak highlights internal disputes, including disagreements over targeting Russian banks, which led to fears of domestic law enforcement scrutiny.
Key members identified include the leader Oleg Nefedov, known as 'Trump,' and administrators 'YY,' 'Lapa,' and 'Cortes,' with ties to the Qakbot botnet.
The chats reveal details about ransomware tactics, phishing templates, cryptocurrency transactions, and a spreadsheet of targeted organizations, including critical infrastructure entities.
Researchers are using tools like 'BlackBastaGPT' to analyze the leaked data, which could provide insights into the gang's operations and vulnerabilities.