Since the complete source code of the encryption trojan “Babuk Locker”, including its tools, leaked on a Russian hacker forum, script kiddies could create their own version of the Windows malware with comparatively little effort.
Security researchers are currently investigating the code and have come to the conclusion that the leak is real. According to the current state of knowledge, all the components from which basically anyone could build an extortion trojan are available. These are said to include modules for ESXi, NAS and Windows systems. Among other things, they could be used to create an executable file for the ransomware as well as encryption and decryption tools. Keygens are also said to be included.
A stroke of luck for victims?
The researchers assume that there could even be keys in the leak. These would help victims regain access to their data without having to pay a ransom. The investigations are still ongoing.
“Babuk Locker” has been active since the beginning of 2021 and is primarily aimed at companies. The extortion allegedly involved ransom sums of up to $85,000. To put even more pressure on victims to pay the ransom, the criminals threatened to publish copied company data.
After the criminals attacked the IT systems of the Metropolitan Police Department, they came under heavy pressure from investigators and stopped the campaign.
Serious illness as the reason for the leak
Now a member of the group has leaked the source code in the vx-underground forum. According to his own statements, he suffers from end-stage lung cancer and now wants to “have time to live like a person”.