A new ransomware group called the RA Group has become the latest ransomware actor to leverage the leaked Babuk ransomware source code to create its own variant.
The RA Group uses customized ransom notes, including the victim’s name and a unique link to download the exfiltration proofs.
Raghuprasad explained.
There is a noticeable trend that actors increasingly use the Babuk builder to develop ESXi and Linux ransomware, the cybersecurity firm said.
This is particularly evident when used by actors with fewer resources, as these actors are less likely to significantly modify the Babuz source code.
Other ransomware actors that have adopted the Babuku source code over the past year include AstraLocker and Nokoyawa.
Rashtriasad explained that this behavior is especially evident when using the ransomware with smaller resources.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply