Content Category: Author Yelisey Bohuslavskiy
Yelisey Bohuslavskiy is Co-Founder and Chief Research Officer at RedSense Cyber Threat Intelligence. He leads the RedSense Research & Development Team, which develops deep signals and human intelligence, and performs incisive customer-focused risk analysis.
The Evolution of BlackBasta Malware Dissemination
BlackBasta has evolved from relying on botnets like Qbot in 2022 to a hybrid model incorporating advanced social engineering by 2024. Initially influenced by Conti’s methodologies, the group adopted callback phishing and large-scale botnet use. Following the 2023 Qbot takedown, BlackBasta diversified, collaborating with DarkGate and exploiting platforms like Microsoft Teams. By 2024, it integrated targeted phishing and impersonation schemes, blending technical and social tactics. Drawing on post-Conti malware lab influences, BlackBasta has adapted to law enforcement pressures, establishing itself as a leader in ransomware innovation and resilience.
LockBit Story: A Three-Year Investigative Journey
LockBit, until its recent downfall, was a standout in the ransomware-as-a-service (RaaS) landscape, notably enduring the RaaS model crisis that saw the collapse of many other groups between 2021 and 2022. While these competitors faltered, LockBit survived and thrived into early 2024, showcasing remarkable resilience. RedSense’s extensive investigation into LockBit’s durability, grounded in SIGINT, telemetry analysis, forensics, incident reviews, and malware reversal, demystifies its resilience without succumbing to speculation.
How Law Enforcement Actions Break Down Ransomware (featuring a Black Cat)
Early in the morning on Thursday, December 7th, my team at RedSense and I learned that a federal offensive was taking place against AlphV (aka BlackCat)’s infrastructure and had subsequently downed its servers. I share my personal thoughts on what long-term impacts a Law Enforcement Action (LEA) can have on the threat ecosystem at large.
No Honor Among Thieves
Recently, the RedSense HUNT team has been working to understand how adversaries train their own pentesting teams to infect a victim environment and deploy stealer malware. Our ultimate goal is to educate RedSense partners on what to expect from adversaries.
Based on what we found in instructional videos created by the adversaries themselves, we have made numerous informative discoveries and one which shocked us and proves there really is no honor among thieves.
Posting Fullz - A Novel Trend Amongst Threat Actors
Chief Research Officer Yelisey Bohuslavskiy comments on a new trend we are seeing amongst threat actors.
Weaponizing Artificial Intelligence Large Language Models (LLMs)
RedSense looks at how adversaries are working to leverage artificial intelligence large language models (LLMs) for malicious exploits.