Back in Black... Basta

Zscaler ThreatLabz details BlackBasta 2.0, a significantly rewritten ransomware variant that replaces RSA/GMP and ChaCha20 with NIST P-521 ECC (Crypto++) and XChaCha20, introduces stack-based string obfuscation and randomized filenames/extensions, appends a per-file cryptographic footer, and alters encryption patterns to evade AV/EDR; the report includes feature comparisons to the prior version, observed behavioral changes, example IOCs, and notes several confirmed victims.