Babuk

Inactive
Babuk is a sophisticated ransomware compiled for several platforms. Windows and ARM for Linux are the most used compiled versions, but ESX and an old 32-bit PE executable were also observed over time. It uses an Elliptic Curve Algorithm (Montgomery Algorithm) to build the encryption keys.
8 Victims
Oct 24, 2020 First Discovered
Jul 31, 2023 Last Discovered
1007 Days Inactive
33.3% Infostealer
0/1 Sites Online
Top Countries
US 3
FR 1
GB 1
Top Sectors
Business Services 2
Consumer Services 1
Transportation/Logistics 1
Construction 1
Hospitality and Tourism 1
Public Sector 1
Healthcare 1
Known Locations (1)
Babuk - Leaks site
nq4zyac4ukl4tykmidbzgdlvaboqeqsemkp4t35bzvjeve6zm2lqcjid.onion
Tools Used
Exfiltration
File[.]io
Victims (8)
BridgeMill Athletic Club
US Consumer Services Discovered: Jul 31, 2023 · Attack est.: Jul 27, 2021
https://www.bridgemillathleticclub.com
spsr-law.com
Business Services Discovered: Jul 31, 2023 · Attack est.: Jul 7, 2021
The Babuk v2.0 new
E.A. Gibson Shipbrokers
Transportation/Logistics Discovered: Jul 31, 2023 · Attack est.: Jul 6, 2021
The Babuk 2.0new
Arabian Computer Supplies co.
Business Services Discovered: Jul 31, 2023 · Attack est.: Jun 21, 2021
The Babuk 2.0 new
4murs.com
FR Construction Discovered: Jul 31, 2023 · Attack est.: Jun 15, 2021
The Babuk v2.0 new
Houston Rockets NBA Team
US Hospitality and Tourism Discovered: Mar 31, 2021 · Attack est.: Mar 31, 2021
Washington DC Metropolitan Police Department
US Public Sector Discovered: Mar 31, 2021 · Attack est.: Mar 31, 2021
Serco
GB Healthcare Discovered: Oct 24, 2020 · Attack est.: Oct 24, 2020