8Base Threat Actor Profile
Home / Threat Actors /
Overview
8Base is a ransomware group that is reported to have originated from RansomHouse. It is focused on encryption of data and public shaming of organisations by conducting double-extortion ransomware campaigns and threatening to leak stolen data to coerce organisations into paying the ransom. The similarities that exist with RansomHouse mean that there is a realistic possibility that there could be a subsidiary connection.
The group has targeted a wide range of industries, including hospitality, law, healthcare, manufacturing, finance and information technology, with victims located in various countries such as Spain, Italy, the United States, Brazil, Canada, India, France, and the United Kingdom. Although the group has targeted a wide range of industries, the most targeted as of the time of writing has been business services with 17 attacks.
The 8Base ransomware group utilises the 8Base ransomware, SmokeLoader and Phobos. Further, the group operates within the context of the Ransomware-as-a-Service (RaaS) model.
The Quorum Cyber Threat Intelligence team provides threat actor profiles so that you can better understand cybercriminals’ tactics, techniques, and procedures (TTPs).
Download your 8Base report to read more details today.
