
Babuk

Inactive
Babuk Ransomware is a sophisticated ransomware compiled for several platforms. Windows and ARM for Linux are the most used compiled versions, but ESX and an old 32-bit PE executable were also observed over time. It uses an Elliptic Curve Algorithm (Montgomery Algorithm) to build the encryption keys.
8 Victims
Oct 25, 2020 First Discovered
Jul 27, 2021 Last Discovered
962 Days Inactive
0% Infostealer
0/1 Sites Online
Top Countries
US 2
FR 1
Top Sectors
Commercial Facilities 1
Government Facilities 1
Healthcare and Public Health 1
Known Locations (1)
Babuk - Leaks site
nq4zyac4ukl4tykmidbzgdlvaboqeqsemkp4t35bzvjeve6zm2lqcjid.onion
Tools Used
Exfiltration
File[.]io
RMM-Tools
DiscoveryEnum
Networking
CredentialTheft
Offsec
DefenseEvasion
LOLBAS
Intelligence
2 Negotiation Chats
Victims (8)
BridgeMill Athletic Club
Discovered: Jul 31, 2023 · Attack est.: Jul 27, 2021
https://www.bridgemillathleticclub.com
spsr-law.com
Discovered: Jul 31, 2023 · Attack est.: Jul 7, 2021
The Babuk v2.0 new
E.A. Gibson Shipbrokers
Discovered: Jul 31, 2023 · Attack est.: Jul 6, 2021
The Babuk 2.0new
Arabian Computer Supplies co.
Discovered: Jul 31, 2023 · Attack est.: Jun 21, 2021
The Babuk 2.0 new
4murs.com
FR Discovered: Jul 31, 2023 · Attack est.: Jun 15, 2021
The Babuk v2.0 new
Houston Rockets NBA Team
US Commercial Facilities Discovered: Apr 1, 2021 · Attack est.: Apr 1, 2021
Washington DC Metropolitan Police Department
US Government Facilities Discovered: Apr 1, 2021 · Attack est.: Apr 1, 2021
Serco
Healthcare and Public Health Discovered: Oct 25, 2020 · Attack est.: Oct 25, 2020