The alleged cancer diagnosis of a self-proclaimed ex-“Babuk Locker” group member has driven them to publish their ransomware’s source code. Following the member’s disclosure of Babuk Locker’s code on the Russian-language cybercriminal forum XSS, the group has been cast in a new light. Security researchers have pointed to a rift involving a Babuk Locker affiliate, the group’s members, and its administrator, following an April 2021 ransomware attack on the Washington DC Metro Police Department (MPD). The group ultimately split up to form separate ransomware ventures: The administrator is reportedly running the new ransomware-focused RAMP forum and a new data-leak website called Groove, and affiliates have allegedly formed the “Babuk V2” ransomware collective.

×
Want these
Threat Intelligence reports sent straight to your inbox?
Subscribe below!
Thank you!
Error - something went wrong!
Most Recent Flipbooks
Weekly Intelligence Summary 21 October
Main story: Ransom Cartel and REvil: Partners in cybercrime?
Weekly Intelligence Summary 14 Oct
Main story: Hacktivists fan flames of Iranian anti-regime protests
Weekly Intelligence Summary 07 Oct
Main story: ProxyNotShell spells déjà vu for MS Exchange Server defenders
Weekly Intelligence Summary 30 Sept
Main story: Rogue ex-developer leaks LockBit 3.0 builder
Weekly Intelligence Summary 23 Sept
Main story: Uber compromised by Lapsus$'s resurgence
Weekly Intelligence Summary 16 Sept
Main story: Cyber attacks shock the Italian energy sector
Weekly Intelligence Summary 09 Sept
Main story: Back to school for students and ransomware groups