Die Babuk Ransomware Gruppe (babuk-bjorka) hat heute auf ihrer Website im Darknet bekanntgegeben, dass sie Rheinmetall Defence (rheinmetall.com) gehackt hat.

(trustwave.com) Babuk2 Bjorka: The Evolution of Ransomware for 'Data Commoditization'

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/babuk2-bjorka-the-evolution-of-ransomware-for-data-commoditization/

I have long awaited the moment when RaaS-operators and the ecosystem surrounding it would start to really dig through the data and find the juicy bits.

I know that Ransomhub have been quite good at making the data browsable but perhaps this "new" group is spearheading a new modus or trend.

Short Summary:
Trustwave SpiderLabs has uncovered a significant evolution in ransomware operations through their investigation of the apparent revival of the Babuk ransomware group. Rather than finding a traditional ransomware operation, they discovered a sophisticated threat actor named Bjorka who has transformed the ransomware model into an industrial-scale data commoditization enterprise. Bjorka is recycling previously leaked data from other ransomware groups and selling it through multiple platforms while impersonating the Babuk brand (as Babuk2).

Babuk 2 ransomware is linked to high-profile attacks, but others accuse it of stealing their work, with evidence supporting these claims.

#Babuk #ransomware #cybersecurity #cyberattack #fraud

https://cnews.link/ransomware-gangs-accuse-babuk2-of-fraud-1/

New post from #Babuk-Bjorka : Washington Dc Metropolitan Police Department 1 Terabytes By ( Babuk Locker )
More at : https://www.ransomlook.io/group/Babuk-Bjorka #Ransomware

Free Decryptor Released for #BlackBasta and #Babuk's #Tortilla Ransomware Victims

https://thehackernews.com/2024/01/free-decryptor-released-for-black-basta.html

#Decryptor for #Tortilla variant of #Babuk #ransomware released
https://securityaffairs.com/157214/cyber-crime/tortilla-variant-babuk-ransomware-decryptor.html
#securityaffairs #hacking #malware

And that’s a wrap for Babuk Tortilla ransomware as free decryptor released – Source: go.theregister.com https://ciso2ciso.com/and-thats-a-wrap-for-babuk-tortilla-ransomware-as-free-decryptor-released-source-go-theregister-com/ #rssfeedpostgeneratorecho #TheRegisterSecurity #CyberSecurityNews #TheRegister #Babuk #thats

One of the #FBI’s most wanted #cybercriminal, known by his online monikers “#Wazawaka” and “#Boriselcin,” is trolling the U.S. government by making a T-shirt with his own most wanted poster, and asking his Twitter followers if they want merch. The feds accuse him of being a “central figure” in the development and deployment of ransomware like Hive, #LockBit, and #Babuk. #Matveev, who FBI believes remains in #Russia, is unlikely to face extradition to the United States.
https://techcrunch.com/2023/09/18/fbi-most-wanted-hacker-trolling-the-u-s-government/

How many ransomware-wielding hackers can claim among their bona fides to have caused a national cheese shortage, not least in the Gouda-loving Netherlands?
https://www.databreachtoday.com/blogs/gouda-hacker-charges-tie-to-ransomware-hit-affecting-cheese-p-3449
#Wazawaka #Matveev #Babuk #LockBit #Hive
h/t @john_fokker @intel471inc @northwave_sec @trellixarc @recordedfuture @ddd1ms

US offers $10m bounty for Russian ransomware suspect outed in indictment - "Up to $10 million for information that leads to the arrest and/or conviction of this def... https://nakedsecurity.sophos.com/2023/05/17/us-offers-10m-bounty-for-russian-ransomware-suspect-outed-in-indictment/ #ransomware #lawℴ #lockbit #babuk #bust #hive #doj

US Treasury sanctions #ransomware operator for "role in launching cyberattacks against U.S. law enforcement, businesses, and critical infrastructure." Reward of up to $10 million offered. #LockBit #Hive #Babuk

https://home.treasury.gov/news/press-releases/jy1486

#Leaked source code of #Babuk #ransomware used by 10 different ransomware families targeting #VMware #ESXi
https://securityaffairs.com/146144/cyber-crime/babuk-ransomware-code-used-10-ransomware.html
#securityaffairs #hacking #malware

Up to 10 new #ransomware strains targeting #VMware ESXi systems thanks to #Babuk source code leak.
#Linux #Cybersecurity
https://www.sentinelone.com/labs/hypervisor-ransomware-multiple-threat-actor-groups-hop-on-leaked-babuk-code-to-build-esxi-lockers/

#RTMLocker #ransomware group emerges with a #Linux variant that also targets #NAS and #ESXİ systems. There Linux build appears to be inspired from the #Babuk groups leaked source code.

As enterprises get better at protecting Windows systems, ransomware threat actors are looking to other enterprise systems to inflict pain.

https://www.uptycs.com/blog/rtm-locker-ransomware-as-a-service-raas-linux

I wrote about the recent go books sale.
https://smartgo.blog/2023/03/10/economics-go-books/