Following our latest update, we continued with the threat-focused research and hunting efforts, further evaluating the threat and looking for potential hits in your organizational infrastructures.
AXON reports have been published for AXON customers, including:
- Indicators of compromise - Relevant hits that require your attention
Please feel free to reach out in case of any follow-up questions.
Sincerely, Team AXON.
Posted Feb 26, 2025 - 12:09 UTC
Update
Dear Customers,
We are still analyzing the leaked messages, Customers who we were able to find any mentions to in the group messages have been notified,
Additionally, we are conducting a large-scale IOC scan covering the period of the chat leak. Since the IOC list is extensive, containing approximately 4,000 IP addresses, we are currently categorizing IPs based on their maliciousness to prioritize potential threats.
This process takes time to ensure accuracy and completeness. We will keep you updated as we finalize the IP analysis and look for additional findings.
If you have any questions or concerns, please do not hesitate to reach out to us. Sincerely, Team AXON.
Posted Feb 24, 2025 - 11:54 UTC
Investigating
Dear Customers,
Team AXON is aware of the recently leaked internal conversations associated with the Black Basta threat group and is actively investigating the matter.
As reported, an unknown individual has released internal chat logs belonging to Black Basta’s ransomware operations. The leaked archive contains messages exchanged in the group’s internal chat rooms between September 2023 and September 2024. These messages include a range of sensitive information, such as potential victim credentials and other data that may serve as indicators of compromise (IOCs).
Our dedicated threat research efforts remain focused on assessing the leaked information. If we identify any findings that require your immediate attention, we will notify you promptly. Additionally, a comprehensive AXON report will be provided to all AXON customers once our Rapid Response efforts are complete.
If you have any questions or concerns, please do not hesitate to reach out to us.