20 matches found

The Hacker News
added 2026/03/27 10:4 a.m.
4 views

Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware

A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker. "Bearlyfy also known as...

5.9 AI score
Exploits: 0

The Hacker News
added 2023/05/25 10:40 a.m.
280 views

Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code

The threat actors behind the nascent Buhti ransomware have eschewed their custom payload in favor of leaked LockBit and Babuk ransomware families to strike Windows and Linux systems. "While the group doesn't develop its own ransomware, it does utilize what appears to be one custom-developed tool,...

9.8 CVSS, 9.9 AI score, 0.99999 EPSS
Exploits: 44

The Hacker News
added 2023/05/11 10:32 a.m.
2 views

Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems

Multiple threat actors have capitalized on the leak of Babuk (aka Babak or Babyk) ransomware code in September 2021 to build as many as nine different ransomware families capable of targeting VMware ESXi systems. "These variants emerged through H2 2022 and H1 2023, which shows an increasing trend o...

6.7 AI score
Exploits: 0

The Hacker News
added 2023/04/04 1:16 p.m.
86 views

Rorschach Ransomware Emerges: Experts Warn of Advanced Evasion Strategies

Cybersecurity researchers have taken the wraps off a previously undocumented ransomware strain called Rorschach that's both sophisticated and fast. "What makes Rorschach stand out from other ransomware strains is its high level of customization and its technically unique features that have not be...

9.8 CVSS, 9.8 AI score, 0.95478 EPSS
Exploits: 7

The Hacker News
added 2023/02/16 10:13 a.m.
26 views

ESXiArgs Ransomware Hits Over 500 New Targets in European Countries

More than 500 hosts have been newly compromised en masse by the ESXiArgs ransomware strain, most of which are located in France, Germany, the Netherlands, the U.K., and Ukraine. The findings come from attack surface management firm Censys, which discovered "two hosts with strikingly similar ranso...

1.5 AI score
Exploits: 0

The Hacker News
added 2022/06/24 8:2 a.m.
32 views

State-Backed Hackers Using Ransomware as a Decoy for Cyber Espionage Attacks

A China-based advanced persistent threat (APT) group is possibly deploying short-lived ransomware families as a decoy to cover up the true operational and tactical objectives behind its campaigns. The activity cluster, attributed to a hacking group dubbed Bronze Starlight by Secureworks, involves t...

0.5 AI score
Exploits: 0

Talos Blog
added 2021/11/04 4:45 a.m.
18 views

Microsoft Exchange vulnerabilities exploited once again for ransomware, this time with Babuk

By Chetan Raghuprasad and Vanja Svajcer, with contributions from Caitlin Huey. Cisco Talos recently discovered a malicious campaign deploying variants of the Babuk ransomware predominantly affecting users in the U.S. with smaller number of infections in U.K., Germany, Ukraine, Finland, Brazil,...

6.9 AI score
Exploits: 0

ThreatPost
added 2021/11/03 6:16 p.m.
200 views

‘Tortilla’ Wraps Exchange Servers in ProxyShell Attacks

A new-ish threat actor sometimes known as “Tortilla” is launching a fresh round of ProxyShell attacks on Microsoft Exchange servers, this time with the aim of inflicting vulnerable servers with variants of the Babuk ransomware. Cisco Talos researchers said in a Wednesday report that they spotted...

10 CVSS, 9.2 AI score, 0.99999 EPSS
Exploits: 18, References: 23

Trellix
added 2021/07/28 12:0 a.m.
16 views

Babuk: Biting off More than they Could Chew by Aiming to Encrypt VM and *nix Systems? | McAfee Blogs

Babuk: Biting off More than they Could Chew by Aiming to Encrypt VM and *nix Systems? Thibault Seret · JUL 28, 2021 Co-written with Northwave’s Noël Keijzer. Executive Summary For a long time, ransomware gangs were mostly focused on Microsoft Windows operating systems. Yes, we observed the...

7.5 AI score
Exploits: 0

ThreatPost
added 2021/07/26 9:8 p.m.
69 views

Babuk Ransomware Gang Ransomed, New Forum Stuffed With Porn

The Babuk ransomware gang’s new rebrand isn’t going so well. It seems the cybercriminal group has been a victim of a ransomware attack of its own. Babuk’s latest endeavor, a Dark Web ransomware forum called RAMP, was crippled by a spammer over the weekend who overloaded the site with same-sex...

6.2 AI score
Exploits: 0, References: 12

ThreatPost
added 2021/07/21 1:0 p.m.
54 views

Tracking Malware and Ransomware Domains in 2021

In 2021, the threat of ransomware has loomed large. In many ways, it’s exactly what cybersecurity experts expected and predicted after the major cyber attacks of 2020—including hospital ransomware attacks on a healthcare industry hard-hit by both ransomware and Covid-19. But in other ways, this...

7.1 AI score
Exploits: 0, References: 13

ThreatPost
added 2021/07/01 2:11 p.m.
44 views

Babuk Ransomware Builder Mysteriously Appears in VirusTotal

The Babuk ransomware gang’s source code has been uploaded to VirusTotal, making it available to all security vendors and competitors. It’s unclear however just how that happened. According to a Wednesday posting from Malwarebytes, the operators of the ransomware – perhaps best-known for hitting t...

7.2 AI score
Exploits: 0, References: 10

Malwarebytes
added 2021/06/30 2:59 p.m.
493 views

Babuk ransomware builder leaked following muddled “retirement”

In the last days of April 2021, the operators of Babuk ransomware announced they were going to focus on demanding a ransom for information stolen from compromised networks, leaving the encryption part of their operation behind. It meant that they no longer needed ransomware at all. “Babuk changes...

6.9 AI score
Exploits: 0

HackRead
added 2021/05/12 4:38 p.m.
96 views

Babuk ransomware gang leaks DC police data as negotiations fail

By Deeba Ahmed The latest leak by the Babuk ransomware gang contains 26GB worth of records. This is a post from HackRead.com Read the original post: Babuk ransomware gang leaks DC police data as negotiations fail...

7 AI score
Exploits: 0

The Hacker News
added 2021/05/12 7:16 a.m.
41 views

Ransomware Gang Leaks Metropolitan Police Data After Failed Negotiations

The cybercrime syndicate behind Babuk ransomware has leaked more personal files belonging to the Metropolitan Police Department (MPD) after negotiations with the DC Police broke down, warning that they intend to publish all data if their ransom demands are not met. "The negotiations reached a dead...

6.8 AI score
Exploits: 0

ThreatPost
added 2021/04/29 10:44 p.m.
42 views

Babuk Ransomware Gang Mulls Retirement

Just a few days after hackers bragged about purportedly raiding the computer systems of the Washington D.C. Metropolitan Police Department (MPD) and doxxing what looked like its data, the Babuk ransomware-as-a-service (RaaS) gang prepared a goodbye note saying that they’re hanging up its spurs...

6.7 AI score
Exploits: 0, References: 16

Trend Micro Simply Security
added 2021/04/23 12:0 a.m.
8 views

This Week in Security News - April 23, 2021

XCSSET Quickly Adapts to Macs and Babuk Ransomware Gang Claims Decryptor Repaired...

1.7 AI score
Exploits: 0

Trellix
added 2021/02/23 12:0 a.m.
5 views

Babuk Ransomware

ARCHIVED STORY Babuk Ransomware By Alexandre Mundo · February 23, 2021 Executive Summary Babuk ransomware is a new ransomware threat discovered in 2021 that has impacted at least five big enterprises, with one already paying the criminals $85,000 after negotiations. As with other variants, this...

0.3 AI score
Exploits: 0

Trellix
added 2021/02/23 12:0 a.m.
9 views

Babuk Ransomware

ARCHIVED STORY Babuk Ransomware By Alexandre Mundo · February 23, 2021 Executive Summary Babuk ransomware is a new ransomware threat discovered in 2021 that has impacted at least five big enterprises, with one already paying the criminals $85,000 after negotiations. As with other variants, this...

7.8 AI score
Exploits: 0

Malwarebytes
added 2021/02/01 10:15 a.m.
59 views

A week in security (January 25 – January 31)

January 28 was Data Privacy Day, but for Malwarebytes Labs, it was Data Privacy Week. As such, were packed with more privacy coverage than you can shake a stick at, starting with some practical steps on how to make your online life private and secure, and why privacy is core to a safer internet. ...

7.3 AI score
Exploits: 0