Security News > 2021 > January > Babuk Locker is the first new enterprise ransomware of 2021
It's a new year, and with it comes a new ransomware called Babuk Locker that targets corporate victims in human-operated attacks.
Babuk Locker is a new ransomware operation that launched at the beginning of 2021 and has since amassed a small list of victims from around the world.
Each Babuk Locker executables analyzed by BleepingComputer has been customized on a per-victim basis to contain a hardcoded extension, ransom note, and a Tor victim URL. According to security researcher Chuong Dong who also analyzed the new ransomware, Babuk Locker's coding is amateurish but includes secure encryption that prevents victims from recovering their files for free.
The Babuk Locker Tor site is nothing fancy and simply contains a chat screen where the victim can talk to the threat actors and negotiate a ransom.
As part of the negotiation process, the ransomware operators ask their victims if they have cyber insurance and are working with a ransomware recovery company.
Most ransomware operations that utilize this tactic have created public ransomware data leak sites to publish stolen data.