blackbasta attacks BOOTZ
Incident Date:
October 19, 2022
Overview
Title
blackbasta attacks BOOTZ
Victim
BOOTZ
Attacker
Blackbasta
Location
First Reported
October 19, 2022
Bootz Ransomware Attack by Blackbasta
Bootz, a company specializing in manufacturing bathtubs and bathware, has been targeted by the ransomware group Blackbasta. The attack was announced on the dark web leak site of the group, which also revealed that Bootz operates in the manufacturing sector.
Company Overview
Bootz has been in operation for eight decades, manufacturing products that are as hard-working as the people who build them. The company's website showcases their commitment to quality and innovation, with a focus on customer satisfaction and design customization.
Industry Standout
Bootz stands out in the manufacturing industry for their dedication to craftsmanship and their ability to create unique designs with their NexTile Pro system, which is a caulk-free water management system that allows for customizable niches and easy setup.
Vulnerabilities
The specific vulnerabilities that led to the successful attack by Blackbasta are not detailed in the available information. However, it is known that Blackbasta is a ransomware family that is deployed as part of Ransomware as a Service (RaaS) operations and can self-propagate by using PsExec to remote execute itself on other hosts on the local network.
Impact
The ransomware attack on Bootz is part of a larger trend of cybercriminals targeting organizations worldwide, causing personal data breaches and extorting large ransoms. The attack on Bootz is significant because it highlights the value of data in the hands of malicious actors and the pressure on organizations to pay large ransoms to prevent data publication.
The ransomware attack on Bootz by Blackbasta is a reminder of the importance of robust security measures, employee cybersecurity awareness training, and a tested incident response plan in the face of cyber threats. Companies must prioritize their data and invest adequately in its protection, and paying ransoms does not guarantee the return of all data or protection from future attacks.
Sources
- Bootz. (n.d.). Bootz | Bathtubs and Bathware. Retrieved April 10, 2024, from https://bootz.com/
- RansomLook. (2022, October 18). Blackbyte. Retrieved April 10, 2024, from https://www.ransomlook.io/groups/blackbyte
- Ransomware Posts. (n.d.). Ransomware Posts - GitHub Pages. Retrieved April 10, 2024, from https://privtools.github.io/ransomposts/
- Newman, S. (2023, June 9). Clop Ransomware Gang Extorts Household Names including BBC, British Airways, and Boots. Retrieved April 10, 2024, from https://www.itsecurityguru.org/2023/06/09/clop-ransomware-gang-extorts-household-names-including-bbc-british-airways-and-boots/
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.