A cybercriminal group called Black Basta has built a new tool that helps them break into remote systems like VPNs and firewalls by guessing weak passwords. This tool allows them to easily target companies and demand ransom.
According to cybersecurity experts, the tool— named BRUTED, automatically scans the internet to find systems that might be easy to hack. It focuses on popular VPN and firewall services from companies like Cisco, Fortinet, Palo Alto, and others. It also attacks systems used for remote desktop access.
The tool gathers information like IP addresses, website subdomains, and security certificates to help guess passwords specific to each organization. It then sends fake login requests that look like they’re from a real user or device, making it harder to detect.
Since BRUTED runs automatically, it helps hackers attack many targets quickly. This increases their chances of breaking in and earning money from ransomware attacks.
Experts warn that many companies still rely on simple or repeated passwords, which makes their systems easy to hack. Sometimes, attackers use leaked or default passwords that organizations forget to change.
This poor password management exposes businesses to big risks. In fact, weak passwords might have also caused a leak in Black Basta’s own data when a hacker broke into a Russian bank and exposed the gang’s private chats.
Black Basta is known for targeting important industries like healthcare and manufacturing, where even a small disruption can cause major losses. These industries are more likely to pay ransom to avoid shutdowns.
Security experts are urging businesses to act fast—use strong and unique passwords, change default settings, run regular security checks, and train employees about password safety.
Good password habits can help prevent such attacks and protect important systems from hackers like Black Basta.
