The full source code of the Babuk (Babyk) ransomware program, which became widely known after the attack on the Washington Police Department (USA), has been published on the Russian-language XSS hacker forum.
According to the information published on the forum, the source code of the Babuk encryption program was posted directly by its developer. The young man said that he was sick with cancer, that he did not have long to live, and that he was provided for for the rest of his life.
Specialists from the vx-underground team were the first to notice the “leak”. According to a Twitter post, the source code was posted by one of the alleged developers of Babuk. The published file contains various Babuk Visual Studio projects for VMware ESXi, NAS and Windows.
One of the developers for Babuk ransomware group, a 17 year old person from Russia, has been diagnosed with Stage-4 Lung Cancer. He has decided to leak the ENTIRE Babuk source code for Windows, ESXI, NAS.
You can download the Babuk source here: vx-underground[.]org/tmp/
— vx-underground (@vxunderground) September 3, 2021
The Windows folder contains the full source code for the Windows encryptor, a decryptor, and a private and public key generator.
Among other things, the leak also includes ransomware and decryptors for certain victims of the ransomware group.
Experts from Emsisoft and, who analyzed the source code, have already confirmed the authenticity of the code.
Recall that the Babuk ransomware became known at the beginning of this year. The malware actively attacked organizations around the world, demanding $60-85 thousand in bitcoins for recovering encrypted files. Among its victims, in particular, are the Phone House chain of stores for mobile devices and one of the leading American manufacturers of weapons control systems, PDI Group.
After the attack on the Washington police department, the developers announced that they were ceasing their activities. Despite this, a new version of the ransomware appeared some time later – Babuk V2, which is still active.