
Babuk Locker emerges as the first new form of ransomware in 2021


mood


Five days into 2021, already a new form of ransomware has emerged: Babuk Locker.

 


 

First detailed Sunday by Chuang Dong, the ransomware uses its own implementation of SHA256 encryption called “ChaCha8” and also uses so-called Elliptic-curve Diffie-Hellman key generation to protect its keys and encrypt files. SHA256 is an encryption standard that has its roots with the U.S. National Security Agency, while ECDH is an anonymous key agreement scheme.

 

Bleeping Computer reported that Babuk Locker has amassed a small list of victims around the world, with ransom demands varying between $60,000 and $85,000 in bitcoin. Each attack is said to be customized on a per-victim basis, including a hardcoded extension, ransom note and a Tor victim URL.

 

Typical of the most prevalent forms of ransomware last year, Babuk Locker includes the theft of data with the threat that if a ransom is not paid, the stolen data will be published online. Those behind Babuk Locker are currently publishing stolen data on a hacking forum rather than their own dedicated leak site.

“Babuk is the latest to hit the radar and it looks like the ‘threat actors’ spent all of their Christmas money on pieces of code that they cobbled together to create this ransomware,” Lamar Bailey, senior director of security research at cybersecurity firm Tripwire Inc., told SiliconANGLE. “Some of the code is well done and other areas, like multithreading, is elementary. I suspect they ran out of money to buy good code and instead, pieced together what they had with bubble gum and baling wire.”

 

Bailey explained that if victims try to pay the ransom, they must upload files in a chat so that the hackers can make sure they can decrypt the files, and there’s likely a high failure rate. “Will they make money? Absolutely,” he said. “But like many fads, this will be a thing of the past in a few months and will not generate a lot of money long-term. Until then, stay away from 32-bit .exe files.”

 

 

Source: Babuk Locker emerges as the first new form of ransomware in 2021
