CyberSecurity news

FlagThis

Bill Toulas@BleepingComputer //
The Black Basta ransomware operation has developed a new automated brute-forcing framework called 'BRUTED' to compromise edge networking devices such as firewalls and VPNs. This framework is designed to automate the process of gaining unauthorized access to sensitive networks, which can lead to ransomware deployment and data theft. Security experts warn that this new tool empowers attackers to more efficiently breach enterprise VPNs and firewalls, marking a worrying escalation in ransomware tactics.

EclecticIQ analysts, after analyzing the source code, confirmed the primary capability of the tool is the automated internet scanning and credential stuffing against edge network devices. This framework targets widely used firewalls and VPN solutions in corporate networks. This tool is able to exploit weak or reused credentials, gaining an initial foothold for lateral movement and ransomware deployment.
Original img attribution: https://www.bleepstatic.com/content/hl-images/2022/08/17/global-pew-pew.jpg
ImgSrc: www.bleepstatic

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • KubikPixel (o??o?): Ransomware gang creates tool to automate VPN brute-force attacks The Black Basta ransomware operation created an automated brute-forcing framework dubbed 'BRUTED' to breach edge networking devices like firewalls and VPNs. ğŸŒ�
  • The DefendOps Diaries: Explore the BRUTED framework, a new tool by Black Basta, automating brute-force attacks on VPNs, posing a global threat to organizations.
  • Davey Winder: Hackers now have the tools to automate brute force attacks of your VPNs and firewalls during ransomware campaigns.
  • Talkback Resources: Inside BRUTED: Black Basta (RaaS) Members Used Automated Brute Forcing Framework to Target Edge Network Devices [net] [mal]
  • BleepingComputer: Ransomware gang creates tool to automate VPN brute-force attacks
  • bsky.app: The Black Basta ransomware operation created an automated brute-forcing framework dubbed 'BRUTED' to breach edge networking devices like firewalls and VPNs. https://www.bleepingcomputer.com/news/security/black-basta-ransomware-creates-automated-tool-to-brute-force-vpns/
  • bsky.app: The Black Basta ransomware operation created an automated brute-forcing framework dubbed 'BRUTED' to breach edge networking devices like firewalls and VPNs.
  • bsky.app: The BlackBasta ransomware gang developed and used its own custom tool to brute-force enterprise firewalls and VPN remote-access products.
  • www.techradar.com: Infamous ransomware hackers reveal new tool to brute-force VPNs
  • www.cybersecuritydive.com: Black Basta uses brute-forcing tool to attack edge devices
  • www.scworld.com: Automated brute forcing tool leveraged in Black Basta ransomware intrusions
  • www.cysecurity.news: Ransomware gang creates tool to automate VPN brute-force attacks The Black Basta ransomware operation created an automated brute-forcing framework dubbed 'BRUTED' to breach edge networking devices like firewalls and VPNs.
Classification:
  • HashTags: #Ransomware #BlackBasta #BruteForce
  • Target: VPNs, firewalls
  • Attacker: Black Basta
  • Product: Edge Networking Devices
  • Feature: Automated Brute Forcing
  • Malware: BRUTED
  • Type: Malware
  • Severity: High