Reportseverity: High2025-02-11
Black Basta internal chat logs leaked (BlackBastaGPT dataset)
published by Hudson Rock / open-source
Actor
Russian-speaking closed-affiliate ransomware operation widely assessed as a Conti spinoff that began encrypting victims in April 2022, days before the Conti brand wound down following the February 20…
Summary
A leaker published 200,000+ internal Matrix chat messages from the Black Basta operation spanning September 2023 to September 2024. The dataset (subsequently indexed by researchers as 'BlackBastaGPT') exposed operator handles, internal disputes after a Black Basta affiliate compromised a Russian state-aligned victim, the operation's exploit and CVE-tracking process, and ties to the broader Conti-lineage ecosystem. The leak accelerated the brand's fragmentation and operator dispersion.
Tags
leakransomwareopen-source-intelligence