Previous affiliates connected to the Black Basta ransomware initiative have been noted adhering to their established methods of email saturation and Microsoft Teams phishing to maintain ongoing access to intended networks.
“Recently, cybercriminals have incorporated Python script execution with these tactics, utilizing cURL requests to retrieve and implement harmful payloads,” ReliaQuest mentioned in a report.