- Jul 27, 2015
During November, Morphisec identified a brand-new variant of Babuk ransomware while investigating a customer's prevention event. Babuk was first discovered at the beginning of 2021, when it began targeting businesses to steal and encrypt data in double-extortion attacks. Later in the year, a threat actor leaked the complete source code for Babuk on a Russian-speaking hacking forum.
Now threat actors have combined Babuk’s leaked source code with open-source evasive software and side-loading techniques to create a variant previously unseen in the wild. During the same month, Trend Micro released details about a similar ransomware, mistakenly attributing it to WannaRen and naming the ransomware after the targeted company. This time, attackers used a new Babuk strain to target a multibillion-dollar manufacturing company with more than 10,000 workstations and server devices.
Babuk Ransomware Variant in Major New Attack
Previously unseen variant of Babuk ransomware strikes multibillion-dollar manufacturing company.