The Babuk Locker ransomware builder was uploaded to VirusTotal last week, giving threat actors the ability to modify the ransom note with their own contact info and use it to target Windows, VMware ESXI, Network Attached Storage (NAS) x86, and NAS ARM devices. Security researchers with MalwareHunterTeam also said ID Ransomware received a sharp spike in Babuk Locker submission starting on June 29th. An expert with Blue Hexagon offers perspective.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>Even though the first obvious concern here is to focus on the source code being reused by other actors creating infinite variants of Babuk, the leak of the source code in this fashion is extremely suspicious and could actually be a smokescreen attempt by the creators of Babuk to divert attention while abandoning the project and tainting investigations by having other people reuse the source code.</p>