Security Researcher Insight On Ransomware Gang ‘Babyk’

By   ISBuzz Team
Writer , Information Security Buzz | Feb 04, 2021 12:37 pm PST

Marking the first large scale ransomware operation of 2021, Babyk, the group behind Babyk Ransom Locker software, recently launched a data leak site—an online forum where hackers post and publicize data stolen from their victims. 

Please find the comments from Denis Legazo, senior security researcher at Kaspersky, below. In it he discusses why Babyk may seek to utilise an online leak site and why they may refer to a “Hackers Code”.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Denis Legezo
Denis Legezo , Senior Security Researcher
February 4, 2021 8:42 pm

<p>The Babyk group is of many actors behind CryptoLocker’s campaigns. While they are quite new, websites like theirs aren’t necessarily surprising. Cybercriminals distributing malware such as this often brag about their \"achievements\". They do it to demonstrate that they are capable of publishing stolen data if the victim does not pay the ransom for their decryption. Among many others, this was the approach adopted by the Conti group when using the TrickBot Trojan.</p> <p> </p> <p>It is noteworthy that the group is outlining a “hacker’s code” regarding which entities they will and will not attack. However, it is not a reason to romanticise them – the group is still just doing \"business\". The known declared limits of hacking groups are primarily related to geographic regions, based around the level of risk in some locations.</p>

Last edited 3 years ago by Denis Legezo

Recent Posts

Would love your thoughts, please comment.x