Babuk
Babuk Ransomware is a sophisticated ransomware compiled for several platforms. Windows and ARM for Linux are the most used compiled versions, but ESX and a 32bit old PE executable were observed over time. as well It uses an Elliptic Curve Algorithm (Montgomery Algorithm) to build the encryption keys.
Victims
8
First Discovered
victim2020-10-25
Last Discovered
victim2023-07-31
Avg Delay
between attack and claim757.8 days
Infostealer
for victim with domain0.0%
Known Locations (1)
| Favicon | Title | Type | Available | Last Visit | FQDN | |
|---|---|---|---|---|---|---|
|
Babuk - Leaks site | No | 2025-06-01 21:18:21 | nq4zyac4ukl4tykmidbzgdlvaboqeqsemkp4t35bzvjeve6zm2lqcjid.onion |
Target (Available)
Top 5 Activity Sectors
- Healthcare and Public Health 1
- Commercial Facilities 1
- Government Facilities 1
Top 5 Countries
-
United States
2
-
France
1
Heatmap (Available)
Ransom Notes (0)
No ransom notes available.
Tools Used (Available)
| Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration |
|---|---|---|---|---|---|---|---|
|
File[.]io
|
Vulnerabilities Exploited (0)
No vulnerabilities exploited available.
TTPs Matrix (0)
No TTPs available.
Negotiation Chats (2)
YARA Rules (1)
Indicators of Compromise (IoCs) (0)
No IoCs available for this group.
Victims (8)
Arabian Computer Supplies co.
Babuk
Discovery Date: 2023-07-31
Estimated Attack Date: 2021-06-21
Estimated Attack Date: 2021-06-21
The Babuk 2.0 new...
spsr-law.com
Babuk
Discovery Date: 2023-07-31
Estimated Attack Date: 2021-07-07
Estimated Attack Date: 2021-07-07
The Babuk v2.0 new...
E.A. Gibson Shipbrokers
Babuk
Discovery Date: 2023-07-31
Estimated Attack Date: 2021-07-06
Estimated Attack Date: 2021-07-06
The Babuk 2.0new...
BridgeMill Athletic Club
Babuk
Discovery Date: 2023-07-31
Estimated Attack Date: 2021-07-27
Estimated Attack Date: 2021-07-27
https://www.bridgemillathleticclub.com...