APT: Cooperation of Hive, Royal and Black Basta Ransomware
In its Clustering Attacker Behavior Reveals Hidden Patterns report, Sophos publishes new insights into connections between the most prominent ransomware groups of the past year: Hive, Black Basta and Royal. Recent attacks suggest that the three ransomware groups share playbooks or partners. As of January 2023, Sophos X-Ops had investigated four different ransomware attacks over a three-month period, one originating from Hive, two from Royal and one from Black Basta. Clear similarities between the attacks were found. Although Royal is considered a very closed group with no visible partners from underground forums...