Babuk
Babuk Ransomware is a sophisticated ransomware compiled for several platforms. Windows and ARM for Linux are the most used compiled versions, but ESX and a 32bit old PE executable were observed over time. as well It uses an Elliptic Curve Algorithm (Montgomery Algorithm) to build the encryption keys.
Victims
8
First Discovered
2020-10-25
victim
Last Discovered
2023-07-31
victim
Inactive Since
2yrs
more than
Avg Delay
757.8
days
Infostealer
33.3%
victims with domain
Attack Velocity — Last 12 months
Known Locations (1)
| Favicon | Title | Type | Available | Last Visit | Server Info | FQDN | |
|---|---|---|---|---|---|---|---|
|
Babuk - Leaks site | No | 2026-04-28T07:22:42 | nq4zyac4ukl4tykmidbzgdlvaboqeqsemkp4t35bzvjeve6zm2lqcjid.onion |
Target (Available)
Top 5 Activity Sectors
- Business Services 2
- Construction 1
- Transportation/Logistics 1
- Consumer Services 1
- Hospitality and Tourism 1
Top 5 Countries
-
United States
3
-
France
1
-
United Kingdom
1
Heatmap (Available)
Ransom Notes (0)
No ransom notes available.
Tools Used (Available)
| Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration |
|---|---|---|---|---|---|---|---|
|
File[.]io
|
Vulnerabilities Exploited (0)
No vulnerabilities exploited available.
TTPs Matrix (0)
No TTPs available.
Negotiation Chats (2)
YARA Rules (1)
Indicators of Compromise (IoCs) (0)
No IoCs available for this group.
Victims (8)
