New Babuk Ransomware found in Major Attack


During November, Morphisec identified a brand-new variant of Babuk ransomware while investigating a customer's prevention event. Babuk was first discovered at the beginning of 2021, when it began targeting businesses to steal and encrypt data in double-extortion attacks. Later in the year, a threat actor leaked the complete source code for Babuk on a Russian-speaking hacking forum.

Now threat actors have combined Babuk’s leaked source code with open-source evasive software and side-loading techniques to create a variant previously unseen in the wild. During the same month, Trend Micro released details about a similar ransomware, mistakenly attributing it to WannaRen and naming the ransomware after the targeted company. This time attackers used a new Babuk strain to target a multibillion-dollar manufacturing company with more than 10,000 workstations and server devices.
