{"id":54980,"date":"2024-01-04T13:17:18","date_gmt":"2024-01-04T13:17:18","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/35363\/SRLabs-Develops-Black-Basta-Ransomware-Decryptor.html"},"modified":"2024-01-04T13:17:18","modified_gmt":"2024-01-04T13:17:18","slug":"srlabs-develops-black-basta-ransomware-decryptor","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/","title":{"rendered":"SRLabs Develops Black Basta Ransomware Decryptor"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/01\/010324_unlocked_data.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Researchers released a decryptor to help the numerous victims of one of 2023\u2019s most prolific double-extortion ransomware gangs, Black Basta, restore their compromised files for free.<\/p>\n<p>Black Basta is believed to have attacked well over 300 organizations since it was first observed in early 2022, making it one of the top most active malware strains by victim count over that period.<\/p>\n<p>The gang is believed to have <a href=\"https:\/\/www.scmagazine.com\/news\/black-bastas-ransom-haul-tops-100m-in-less-than-2-years\" target=\"_blank\" rel=\"noreferrer noopener\">raked in at least $107 million in ransom payments<\/a> from over 90 victims.<\/p>\n<p>Black Basta\u2019s rapid ascension in the cybercriminal ranks caught the interest of researchers, including consultancy Security Research Labs (SRLabs) which has developed and <a href=\"https:\/\/github.com\/srlabs\/black-basta-buster\" target=\"_blank\" rel=\"noreferrer noopener\">published on GitHub<\/a> a suite of tools it calls \u201cBlack Basta Buster.\u201d<\/p>\n<p>The tools enable security teams to analyze files encrypted by the gang to determine if they are recoverable. If they are, other tools in the suite assist with the decryption process.<\/p>\n<p>\u201cWe looked into the encryption algorithm and have found a particular weakness for the ransomware strain used by Black Basta ransomware around April 2023,\u201d SRLabs said.<\/p>\n<h2>What Black Basta did wrong in its ransomware<\/h2>\n<p>SRLabs\u2019 GitHub documentation explains that Black Basta\u2019s ransomware uses a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Salsa20#ChaCha_variant\" target=\"_blank\" rel=\"noreferrer noopener\">ChaCha<\/a> keystream that XORs 64-byte-long chunks of the files it encrypts.<\/p>\n<p>\u201cThe keystream, however, is not advanced properly and the same 64 bytes are used for XORing all the blocks to be encrypted,\u201d the researchers said.<\/p>\n<p>If the plaintext of 64 encrypted bytes of a file is known, decryption may be possible, although \u201cthe known plaintext bytes need to be in a location of the file that is subject to encryption based on the malware&#8217;s logic of determining which parts of the file to encrypt.\u201d<\/p>\n<p>The good news: \u201cFor certain file types knowing 64 bytes of the plaintext in the right position is feasible, especially virtual machine disk images.\u201d<\/p>\n<p>The not-quite-so-good news: \u201cFiles below the size of 5000 bytes cannot be recovered. For files between 5000 bytes and 1GB in size, full recovery is possible. For files larger than 1GB, the first 5000 bytes will be lost but the remainder can be recovered.\u201d<\/p>\n<p>Researchers <a href=\"https:\/\/www.scmagazine.com\/news\/avast-posts-decryptor-for-the-bianlian-ransomware\" target=\"_blank\" rel=\"noreferrer noopener\">regularly develop decryptors<\/a> after discovering flaws in threat actors\u2019 malware. Victims\u2019 success in recovering lost data using decyptors can vary depending on the circumstances.<\/p>\n<p>An unfortunate downside of decryptors being published is that it alerts ransomware gangs to the need to upgrade their encryption techniques, potentially making it harder for future victims to retrieve compromised files.<\/p>\n<h2>2023: Black Basta\u2019s big year<\/h2>\n<p>As a double-extortion malware gang, Black Basta specializes in exfiltrating sensitive data from victims before encrypting their networks and threatening to publish the stolen information if a ransom isn\u2019t paid.<\/p>\n<p>Black Basta is widely believed to be an offshoot of another prolific ransomware operator, <a href=\"https:\/\/www.scmagazine.com\/news\/blockchain-conti-akira-ransomware\" target=\"_blank\" rel=\"noreferrer noopener\">the Conti Group<\/a>, which disbanded in 2022. Its victims in 2023 included Swiss <a rel=\"noreferrer noopener\" href=\"https:\/\/www.scmagazine.com\/news\/abb-basta-ransomware-attack\" target=\"_blank\">technology giant ABB<\/a>, British <a rel=\"noreferrer noopener\" href=\"https:\/\/www.scmagazine.com\/brief\/black-basta-leak-of-capita-data-under-investigation\" target=\"_blank\">outsourcing company Capita<\/a>, and <a rel=\"noreferrer noopener\" href=\"https:\/\/www.scmagazine.com\/news\/dish-network-confirms-cyberattack\" target=\"_blank\">Dish Network<\/a>.<\/p>\n<p>The gang\u2019s ransomware was commonly <a href=\"https:\/\/www.scmagazine.com\/news\/black-basta-ransomware-group-targeting-us-companies-with-qakbot-malware\" target=\"_blank\" rel=\"noreferrer noopener\">deployed using Qakbot malware<\/a>. Qakbot\u2019s botnet was <a href=\"https:\/\/www.scmagazine.com\/news\/qakbot-botnet-brought-down-in-major-global-operation-led-by-us\" target=\"_blank\" rel=\"noreferrer noopener\">taken down by authorities<\/a> last August, although the malware <a href=\"https:\/\/www.scmagazine.com\/news\/new-qakbot-phishing-campaign-appears-months-after-fbi-takedown\">resurfaced in December<\/a>.<\/p>\n<p>Researchers believe the Qakbot takedown could explain a marked reduction in Black Basta attacks during the second half of 2023. They didn\u2019t stop completely, however, with the gang\u2019s victims in the later part of the year including major TV advertising sales and technology firm <a href=\"https:\/\/www.scmagazine.com\/brief\/ampersand-targeted-by-black-basta-ransomware-attack\">Ampersand<\/a>, and <a href=\"https:\/\/www.scmagazine.com\/brief\/black-basta-ransomware-attack-behind-toronto-public-library-outages\">Toronto Public Library<\/a>, Canada&#8217;s largest public library system.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/35363\/SRLabs-Develops-Black-Basta-Ransomware-Decryptor.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":54981,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[8839],"class_list":["post-54980","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackermalwaredata-losscryptography"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>SRLabs Develops Black Basta Ransomware Decryptor 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SRLabs Develops Black Basta Ransomware Decryptor 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-01-04T13:17:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/01\/010324_unlocked_data.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/srlabs-develops-black-basta-ransomware-decryptor\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/srlabs-develops-black-basta-ransomware-decryptor\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"SRLabs Develops Black Basta Ransomware Decryptor\",\"datePublished\":\"2024-01-04T13:17:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/srlabs-develops-black-basta-ransomware-decryptor\\\/\"},\"wordCount\":554,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/srlabs-develops-black-basta-ransomware-decryptor\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/srlabs-develops-black-basta-ransomware-decryptor.jpg\",\"keywords\":[\"headline,hacker,malware,data loss,cryptography\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/srlabs-develops-black-basta-ransomware-decryptor\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/srlabs-develops-black-basta-ransomware-decryptor\\\/\",\"name\":\"SRLabs Develops Black Basta Ransomware Decryptor 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/srlabs-develops-black-basta-ransomware-decryptor\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/srlabs-develops-black-basta-ransomware-decryptor\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/srlabs-develops-black-basta-ransomware-decryptor.jpg\",\"datePublished\":\"2024-01-04T13:17:18+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/srlabs-develops-black-basta-ransomware-decryptor\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/srlabs-develops-black-basta-ransomware-decryptor\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/srlabs-develops-black-basta-ransomware-decryptor\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/srlabs-develops-black-basta-ransomware-decryptor.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/srlabs-develops-black-basta-ransomware-decryptor.jpg\",\"width\":1050,\"height\":591},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/srlabs-develops-black-basta-ransomware-decryptor\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,malware,data loss,cryptography\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermalwaredata-losscryptography\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"SRLabs Develops Black Basta Ransomware Decryptor\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SRLabs Develops Black Basta Ransomware Decryptor 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/","og_locale":"en_US","og_type":"article","og_title":"SRLabs Develops Black Basta Ransomware Decryptor 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-01-04T13:17:18+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2024\/01\/010324_unlocked_data.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"SRLabs Develops Black Basta Ransomware Decryptor","datePublished":"2024-01-04T13:17:18+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/"},"wordCount":554,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/01\/srlabs-develops-black-basta-ransomware-decryptor.jpg","keywords":["headline,hacker,malware,data loss,cryptography"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/","url":"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/","name":"SRLabs Develops Black Basta Ransomware Decryptor 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/01\/srlabs-develops-black-basta-ransomware-decryptor.jpg","datePublished":"2024-01-04T13:17:18+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/01\/srlabs-develops-black-basta-ransomware-decryptor.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/01\/srlabs-develops-black-basta-ransomware-decryptor.jpg","width":1050,"height":591},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/srlabs-develops-black-basta-ransomware-decryptor\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,malware,data loss,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermalwaredata-losscryptography\/"},{"@type":"ListItem","position":3,"name":"SRLabs Develops Black Basta Ransomware Decryptor"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/54980","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=54980"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/54980\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/54981"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=54980"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=54980"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=54980"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}