blackbasta attacks BOOTZ

Incident Date:

October 19, 2022

World map



blackbasta attacks BOOTZ






Evansville, USA

Indiana, USA

First Reported

October 19, 2022

Bootz Ransomware Attack by Blackbasta

Bootz, a company specializing in manufacturing bathtubs and bathware, has been targeted by the ransomware group Blackbasta. The attack was announced on the dark web leak site of the group, which also revealed that Bootz operates in the manufacturing sector.

Company Overview

Bootz has been in operation for eight decades, manufacturing products that are as hard-working as the people who build them. The company's website showcases their commitment to quality and innovation, with a focus on customer satisfaction and design customization.

Industry Standout

Bootz stands out in the manufacturing industry for their dedication to craftsmanship and their ability to create unique designs with their NexTile Pro system, which is a caulk-free water management system that allows for customizable niches and easy setup.


The specific vulnerabilities that led to the successful attack by Blackbasta are not detailed in the available information. However, it is known that Blackbasta is a ransomware family that is deployed as part of Ransomware as a Service (RaaS) operations and can self-propagate by using PsExec to remote execute itself on other hosts on the local network.


The ransomware attack on Bootz is part of a larger trend of cybercriminals targeting organizations worldwide, causing personal data breaches and extorting large ransoms. The attack on Bootz is significant because it highlights the value of data in the hands of malicious actors and the pressure on organizations to pay large ransoms to prevent data publication.

The ransomware attack on Bootz by Blackbasta is a reminder of the importance of robust security measures, employee cybersecurity awareness training, and a tested incident response plan in the face of cyber threats. Companies must prioritize their data and invest adequately in its protection, and paying ransoms does not guarantee the return of all data or protection from future attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.