Security News > 2021 > July > Babuk Ransomware Builder Mysteriously Appears in VirusTotal

Babuk Ransomware Builder Mysteriously Appears in VirusTotal
2021-07-01 14:11

The Babuk ransomware gang's source code has been uploaded to VirusTotal, making it available to all security vendors and competitors.

Two months later, the Babuk builder used to create the ransomware's unique payloads and decryption modules has been made public, researchers said.

Malwarebytes meanwhile said it's working to understand if the builder contains enough information to create a Babuk decryptor.

New Babuk attacks are launching using the leaked information, the outlet said, with the criminals asking for just.06 Bitcoin per attack - about $210. Ramifications of Leaked Babuk Source Code Unfortunately, the upload of the Babuk.

"Easily downloading the Babuk. ransomware compiler from the VirusTotal repository and creating their own custom ransomware note, these new attackers have generated their own ransomware campaigns easily," he said via email.

That's a possibility that researchers said would make sense only if competitors felt very strongly about Babuk making good on its promise to get out of ransomware operations.


News URL

https://threatpost.com/babuk-ransomware-builder-virustotal/167481/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Virustotal 2 0 6 14 1 21