Babuk
Babuk Ransomware is a sophisticated ransomware compiled for several platforms. Windows and ARM for Linux are the most used compiled versions, but ESX and a 32bit old PE executable were observed over time. as well It uses an Elliptic Curve Algorithm (Montgomery Algorithm) to build the encryption keys.
Victims
8
First Discovered
2020-10-25
victim
Last Discovered
2023-07-31
victim
Inactive Since
2yrs
more than
Avg Delay
757.8
days
Infostealer
0.0%
victims with domain
Known Locations (1)
| Favicon | Title | Type | Available | Last Visit | Server Info | FQDN | |
|---|---|---|---|---|---|---|---|
|
Babuk - Leaks site | No | 2025-06-01 21:18:21 | nq4zyac4ukl4tykmidbzgdlvaboqeqsemkp4t35bzvjeve6zm2lqcjid.onion |
Target (Available)
Top 5 Activity Sectors
- Healthcare and Public Health 1
- Commercial Facilities 1
- Government Facilities 1
Top 5 Countries
-
United States
2
-
France
1
Heatmap (Available)
Ransom Notes (0)
No ransom notes available.
Tools Used (Available)
| Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration |
|---|---|---|---|---|---|---|---|
|
File[.]io
|
Vulnerabilities Exploited (0)
No vulnerabilities exploited available.
TTPs Matrix (0)
No TTPs available.
Negotiation Chats (2)
YARA Rules (1)
Indicators of Compromise (IoCs) (0)
No IoCs available for this group.
Victims (8)
