Security News > 2021 > July > Babuk ransomware is back, uses new version on corporate networks
After announcing their exit from the ransomware business in favor of data theft extortion, the Babuk gang appears to have slipped back into their old habit of encrypting corporate networks.
The criminals are currently using a new version of their file-encrypting malware and have moved the operation to a new leak site that lists a handful of victims.
The Babuk ransomware group became known at the beginning of the year but the gang says that their attacks had started in mid-October 2020, targeting companies across the world and demanding ransoms of $60,000-$85,000 in bitcoin cryptocurrency.
Instead, a new leak site emerged on the dark web carrying the Babuk ransomware markings.
They released only the old version of their malware and created a new one to get back into the ransomware business.
The gang made this clear in a comment to our article about a rush of ransomware attacks that used the leaked Babuk builder and demanded.