Babuk Ransomware Gang Mulls Retirement

2021-04-29 22:44

Of the Washington D.C. Metropolitan Police Department and doxxing what looked like its data, the Babuk ransomware-as-a-service gang prepared a goodbye note saying that they're hanging up its spurs.

Babuk did promise to pass the torch on to other criminals by open-sourcing the source code for the Babuk file-encrypting malware, saying that it would make it publicly available once it terminated the "Project."

Randy Pargman, a 15-year veteran of the FBI and current VP of Threat Hunting & Counterintelligence at Binary Defense, has been tracking Babuk from the get-go.

"After a period of time off, they will return with a new and improved version of their ransomware, claiming to be a brand new group that benefited from the public release of Babuk's code but pretending that they are not related to Babuk at all."

To rub out the ransomware economy, Pargman says that it was only a matter of time before the Treasury Department decided to add Babuk to its sanctions list over the MPD attack.

Are the Babuk operators considering retirement because they were too successful for their own good? Successful, as in, big enough to put substantial hurt on individuals or entities, and then too, picking on the wrong targets? Pargman points to the Babuk gang's apparent doxxing of police data as being the kind of crime that can put a stick in the spokes of police investigations, potentially leading to injury or even death.

News URL

https://threatpost.com/babuk-ransomware-gang-mulls-retirement/165742/

#ransomware