New Babuk Ransomware found in Major Attack

upnorth

During November, Morphisec identified a brand-new variant of Babuk ransomware while investigating a customer's prevention event. Babuk was first discovered at the beginning of 2021, when it began targeting businesses to steal and encrypt data in double-extortion attacks. Later in the year, a threat actor leaked the complete source code for Babuk on a Russian-speaking hacking forum.

Now threat actors have combined Babuk’s leaked source code with open-source evasive software and side-loading techniques to create a variant previously unseen in the wild. During the same month, Trend Micro released details about a similar ransomware, mistakenly attributing it to WannaRen and naming the ransomware after the targeted company’s name. This time attackers used a new Babuk strain to target a multibillion-dollar manufacturing company with more than 10,000 workstations and server devices.