Cyber Protect Cloud
for Service Providers

Researchers have reported that the 8Base ransomware, which operated covertly for over a year, exhibited a significant increase in activity in May and June 2023. Employing encryption and "name-and-shame" tactics, 8Base targets victims across diverse industries. It has been linked to 67 attacks, primarily affecting businesses in the U.S. and Brazil, with sectors such as business services, manufacturing and construction being the most impacted.

The origins of 8Base remain elusive, but it has been active since at least March 2022 and describes itself as a group of "simple pentesters." Notably, similarities between 8Base and the RansomHouse group have been identified, including identical language in ransom notes and welcome pages.

Additionally, a sample of Phobos ransomware using the ".8base" file extension suggests a potential connection between 8Base and Phobos, or the utilization of existing ransomware strains. As part of a new wave of ransomware groups, 8Base operates alongside newcomers like Big Head, CryptNet, Mallox and Xollam.

Acronis Cyber Protect Cloud detects and blocks both existing and never-before-seen ransomware with its included Active Protection, based on the behaviors ransomware exhibits.

About Acronis

Acronis is a Swiss company, founded in Singapore. Celebrating two decades of innovation, Acronis has more than 2,000 employees in 45 locations. Acronis Cyber Protect solution is available in 26 languages in over 150 countries and is used by 18,000 service providers to protect over 750,000 businesses.

More from Acronis