
In this blog series we spotlight one of the stories from our cybersecurity newsletter, Beacon.
An anonymous leaker has released what they claim is an archive of internal Matrix chat logs belonging to the BlackBasta ransomware group.
Active since 2022, BlackBasta has built a reputation for high-profile attacks using double-extortion tactics. They typically encrypt victims’ data, threatening to leak it unless a hefty ransom is paid. Their targets have included major U.S. healthcare providers and U.K.-based Capita, among others.
The individual, known as ExploitWhispers, initially uploaded the stolen messages to the MEGA file-sharing platform before they were taken down. They have since reuploaded the archive to a dedicated Telegram channel. It remains unclear whether ExploitWhispers is a security researcher who infiltrated the gang’s internal chat server or a disgruntled insider. The leaked logs cover communications in BlackBasta’s chat rooms between September 2023 and 2024.
The leaked archive not only contains chat logs but also 367 unique ZoomInfo links, suggesting the number of companies targeted during that period. Ransomware gangs often use ZoomInfo to share intelligence on victims, either internally or during ransom negotiations.
As well as ZoomInfo links, the leaked messages reveal how the gang selects its targets, executes attacks, and manages ransom negotiations.
In one log, the group demanded $28.7 million from a victim, offering a large discount for immediate payment. The leak revealed how BlackBasta laundered these payments, often using compromised bank accounts and cryptocurrency mixers to cover their tracks.
ExploitWhispers also shared details about key BlackBasta members, including:
- Lapa: One of the group’s administrators.
- Cortes: A threat actor linked to the Qakbot malware group.
- YY: BlackBasta’s primary administrator.
- Trump (aka GG and AA): Believed to be Oleg Nefedov, the operation’s leader.
This leak could mark a significant blow to BlackBasta, exposing internal dynamics, operational practices, and the identities of key figures within the ransomware gang.