The Babyk ransomware operation has launched a new data leak site used to publish victim’s stolen data as part of a double extortion strategy. Included is a list of targets they wont attack with some exclusions that definitely stand out.
In 2019, the Maze ransomware operation introduced new double-extortion strategy of stealing unencrypted files and then threatening to publicly release them on data leak sites if a ransom is not paid.
Soon after, other ransomware gangs adopted this strategy until it has become a popular method for threat actors to extort their victims.
Babyk ransomware, also known as Babuk, is a new ransomware operation that launched at the beginning of the year and has been targeting enterprise organizations worlwide.
When first launched, the ransomware gang was leaking their data in posts on the ‘Raid Forums’ hacking forum but had stated that they planned on launching a dedicated leak site.
Emsisoft security researcher Brett Callow shared a new site recently created by the Babyk Ransomware group where they are currently listing four victims, and the leaked data for three of them.
Also Read: The 5 Benefits Of Outsourcing Data Protection Officer Service
Included on the data leak site is a list of organizations that they will not encrypt, which includes hospitals, non-profits, schools, and small businesses.
Also Read: How To Prevent WhatsApp Hack: 7 Best Practices
For each of these categories, the ransomware gangs lists the following exclusions:
We do not audit next categories of organizations
Hospitals: except private plastic surgery clinics, private dental clinics
Non-Profit: Any non-profitable charitable foundation (except the foundations who help LGBT and BLM)
Schools: except the major universities
Small Business: Companies with annual revenue less than 4 mln$ (info about revenue we take from zoominfo)
BleepingComputer has seen exclusion in the past for healthcare and what ransomware actors call “socially vital” services, such as 911, shelters, and nursing homes.
The exclusions for non-profits is the first time BleepingComputer has seen personal opinions dictate whether a ransomware operation will encrypt an organization.
With the release of Babuk’s site, there are now a total of ninteeen active ransomware data leak sites used in the double extortion tactic.
Role of Enhanced Access Controls in Safeguarding Personal Data in Telecommunications that every Organisation in…
Effective Incident Response Procedures in Strengthening Data Security that every Organisation in Singapore should know…
Crucial Role of Regular Vulnerability Scanning that every Organisation in Singapore should know. Strengthening Your…
Enhancing Data Security with Multi-Factor Authentication that every Organisation in Singapore should know. Enhancing Data…
Strong Password Policy as a first line of defense against data breaches for Organisations in…
Importance of Efficient Access Controls that every Organisation in Singapore should take note of. Enhancing…
This website uses cookies.
