8Base attacks Praxis Arndt und Langer

Incident Date:

September 25, 2023

World map

Overview

Title

8Base attacks Praxis Arndt und Langer

Victim

Praxis Arndt und Langer

Attacker

8base

Location

Darmstadt, Germany

, Germany

First Reported

September 25, 2023

The 8Base Ransomware Gang's Attack on Praxis Arndt und Langer

The 8Base ransomware gang has attacked Praxis Arndt und Langer. Praxis Arndt und Langer is a diabetologist in Darmstadt, Germany. 8Base posted Praxis Arndt und Langer to its data leak site on September 25th, threatening to publish stolen “invoices, receipts, accounting documents, personal data, certificates, employment contracts, a huge amount of confidential information, confidentiality agreements, personal files” if the organization fails to pay an unspecified ransom by October 2nd.

Despite a significant increase in activity during the summer of 2023, the 8Base ransomware group has managed to maintain a relatively low profile. This group employs encryption techniques alongside "name-and-shame" tactics to pressure their victims into paying ransoms. 8Base demonstrates an opportunistic approach, targeting victims from diverse industries. However, crucial details regarding their identities, methods, and motivations remain shrouded in mystery.

The swift and efficient operations of 8Base suggest that this group is not newly formed but rather an established and mature organization. Based on available information, certain aspects of their current operations bear a striking resemblance to past ransomware activities.

Background of the 8Base Ransomware Group

The 8Base ransomware group emerged in March 2022, but it experienced a significant surge in activity in June 2023. Describing themselves as "simple pen testers," they operate a leak site that provides victim information through Frequently Asked Questions and Rules sections, along with multiple contact options. Notably, 8Base's communication style shares similarities with another known group called RansomHouse.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.