Ransomware Group: Babuk






Babuk is a sophisticated ransomware compiled for several platforms. Windows and ARM for Linux are the most commonly used compiled versions, but ESX and an old 32-bit PE executable have also been observed over time. It uses an elliptic curve algorithm (the Montgomery algorithm) to build the encryption keys.


Sites

Title | Available | Last Visit | FQDN | Screenshot
Babuk - Leaks site | 🔴 | 2024-02-26 07:35:58 | nq4zyac4ukl4tykmidbzgdlvaboqeqsemkp4t35bzvjeve6zm2lqcjid.onion | N/A

Tools used

Categories: Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration
Tools listed: File[.]io

This information is provided by Ransomware-Tool-Matrix

Yara Rules

Negotiation chats

Name | # Msg | Initial Ransom | Negotiated Ransom | Paid
20210203 | 106 | N/A | N/A |
20210428 | 44 | N/A | N/A |

This information is provided by Valéry Marchive & Julien Mousqueton

Activity over time

Worldmap

8 Victims

4murs.com (FR)
Discovery Date: 2023-07-31 14:37
Estimated Attack Date: 2021-06-15
Sector: The Babuk v2.0 new

Arabian Computer Supplies co.
Discovery Date: 2023-07-31 14:36
Estimated Attack Date: 2021-06-21
Sector: The Babuk 2.0 new

spsr-law.com
Discovery Date: 2023-07-31 14:36
Estimated Attack Date: 2021-07-07
Sector: The Babuk v2.0 new

E.A. Gibson Shipbrokers
Discovery Date: 2023-07-31 14:35
Estimated Attack Date: 2021-07-06
Sector: The Babuk 2.0 new

BridgeMill Athletic Club
Discovery Date: 2023-07-31 14:35
Estimated Attack Date: 2021-07-27
Sector: https://www.bridgemillathleticclub.com

Houston Rockets NBA Team (US)
Discovery Date: 2021-04-01 00:00

Washington DC Metropolitan Police Department (US)
Discovery Date: 2021-04-01 00:00

Serco
Discovery Date: 2020-10-25 00:00