Recently Leaked Babuk Locker Ransomware Builder Detected In New Attacks

The builder can be used to create a custom version of the ransomware to encrypt files on Windows systems, NAS and VMWare ESXi servers.

The Babuk Locker ransomware design pattern (builder) has leaked onto the Internet, with the result that any criminal group seeking to enter the cyber ransomware scene can access it with little or no development effort.

Recently Leaked Babuk Locker Ransomware Builder Detected In New Attacks

According to the copies of leaked files obtained by The Record, the Babuk Locker builder can be used to create a custom version of the ransomware for encrypting files on Windows systems, on ARM-based network attached storages (NAS) and on VMWare ESXi servers. In addition, decryptors are also generated for each ransomware created using the builder, allowing you to recover the encrypted files of each victim.

Recently Leaked Babuk Locker Ransomware Builder Detected In New Attacks

The Babuk Locker design pattern was leaked two months after its creators announced they would end ransomware operations following a high-profile attack on the Washington Police Department in late April. Cybercriminals retired at the end of May when their leaked site was renamed Payload.bin and began operating as a third-party host for other cyber ransomware that does not have their own sites to publish their victims’ data.

At the time of writing, it was unclear if the builder was leaked as a result of a failed transaction when the creators of Babuk Locker tried to sell it to a third party, or if the design pattern was deliberately published by a rival group or security researcher.

Catch up on more articles here

Follow us on Twitter here

Popular

Must read

MORE ON THIS TOPIC:

Related Posts