Babuk Locker Ransomware Builder Leaked: Expert Insight

The Babuk Locker ransomware builder was uploaded to VirusTotal last week, giving threat actors the ability to modify the ransom note with their own contact info and use it to target Windows, VMware ESXi, Network Attached Storage (NAS) x86, and NAS ARM devices. Security researchers with MalwareHunterTeam also said ID Ransomware received a sharp spike in Babuk Locker submissions starting on June 29th. An expert with Blue Hexagon offers perspective.

https://twitter.com/malwrhunterteam/status/1410120830844014598

Expert Comments

July 02, 2021
Saumitra Das
CTO and Co-founder
Blue Hexagon

Even though the first obvious concern here is to focus on the source code being reused by other actors creating infinite variants of Babuk, the leak of the source code in this fashion is extremely suspicious and could actually be a smokescreen attempt by the creators of Babuk to divert attention while abandoning the project and tainting investigations by having other people reuse the source code.
