Bundle - Black Basta’s Leaked Chat Logs

Black Basta’s Leaked Chat Logs

Created on 2025-02-28 23:49, updated on 2025-03-01 00:04, by Cédric Bonhomme

Description

Leaked ransomware chat logs reveal Black Basta’s targeted CVEs.

On February 11, 2025, a major leak exposed BLACKBASTA's internal Matrix chat logs. The leaker claimed they released the data because the group was targeting Russian banks. This leak closely resembles the previous Conti leaks.

Cybercrime group focused on Microsoft vulnerabilities as well as flaws in network edge devices and communications software.

We have sightings from MISP and The Shadowserver fundation related to the rejected CVE:

CVE-2024-21683
ghsa-vr88-2hv2-5jvf

Vulnerabilities included in this bundle

CVE-2023-4966:
CVE-2024-27198:
CVE-2024-25600:
CVE-2022-22965:
CVE-2023-7028:
CVE-2024-21378:
CVE-2021-44228:
CVE-2021-42321:
CVE-2023-36874:
CVE-2023-36394:
CVE-2021-26855:
CVE-2017-5753:
CVE-2023-35628:
CVE-2024-21762:
CVE-2023-42793:
CVE-2022-1388:
CVE-2024-1708:
CVE-2023-3519:
CVE-2022-37969:
CVE-2023-42115:
CVE-2023-36844:
CVE-2023-36845:
CVE-2024-23108:
CVE-2024-23113:
CVE-2023-36884:
CVE-2022-41352:
CVE-2023-21716:
CVE-2024-3400:
CVE-2024-1086:
CVE-2024-23897:
CVE-2023-38831:
CVE-2023-3467:
CVE-2023-23397:
CVE-2022-27925:
CVE-2017-11882:
CVE-2022-41082:
CVE-2021-28482:
CVE-2023-20198:
CVE-2024-21338:
CVE-2022-37042:
CVE-2021-42287:
CVE-2017-5754:
CVE-2024-21683:
CVE-2023-7027:
CVE-2024-24919:
CVE-2024-21413:
CVE-2023-3466:
CVE-2023-22515:
CVE-2024-1709:
CVE-2022-41040:
CVE-2022-0609:
CVE-2024-23109:
CVE-2020-1472:
CVE-2023-6875:
CVE-2022-30190:
CVE-2023-36745:
CVE-2021-42278:
CVE-2024-26169:
CVE-2022-26134:
CVE-2021-40444:
CVE-2022-30525:
CVE-2023-29357:
GHSA-vr88-2hv2-5jvf:

Combined detection rules

Detection rules are retrieved from Rulezet.

Combined sightings

Author	Vulnerability	Source	Type	Date