Researchers who have read the Russian language texts said they have uncovered internal gorges in the secret organization that have been escalated since one of its leaders were arrested because it increases the threat that other members are also detected. The raised tensions have contributed to the growing gorges between the current leader, which is assumed to be the Oleg Nefedov and its subordinates. One of the disagreements concerned his decision to focus on a bank in Russia, which placed Black Basta in the sightsman of law enforcement in that country.
“It appears that the personal financial interests of Oleg, the boss of the group, determine the activities and ignore the interests of the team,” wrote a researcher at Prodraft. “Under his administration there was also a brutal strength attack on the infrastructure of some Russian banks. It seems that no measures have been taken by the police, who can cause a serious problem and cause reactions from these authorities. “
The leaked trove also contains details about other members, including two managers who use the names LAPA and YY, and Cortes, a threat actor linked to the Qakbot Ransomware Group. More than 350 unique links from Zoominfo are also exposed, a cloud service that offers data about companies and business people. The leaked links offer insights into how Black Basta members used the service to investigate the companies they focused on.
Security company Hudson Rock said it has already introduced the chat transcriptions in Chatgpt to make Blackbastekt, a source to help researchers analyze black Basta operations.