Babuk
Babuk Ransomware is a sophisticated ransomware compiled for several platforms. Windows and ARM for Linux are the most used compiled versions, but ESX and a 32bit old PE executable were observed over time. as well It uses an Elliptic Curve Algorithm (Montgomery Algorithm) to build the encryption keys.
Victims
8
First Discovered
2020-10-25
victim
Last Discovered
2023-07-31
victim
Inactive Since
2yrs
more than
Avg Delay
757.8
days
Infostealer
33.3%
victims with domain
Countries
3
hit
Known Locations (1)
| Favicon | Title | Type | Available | Last Visit | Server Info | FQDN | |
|---|---|---|---|---|---|---|---|
|
Babuk - Leaks site | No | 2026-04-28T07:22:42 |
nq4zyac4ukl4tykmidbzgdlvaboqeqsemkp4t35bzvjeve6zm2lqcjid.onion
|
Target
Top 5 Activity Sectors
- Business Services 2
- Construction 1
- Transportation/Logistics 1
- Consumer Services 1
- Hospitality and Tourism 1
Top 5 Countries
-
United States
3
-
France
1
-
United Kingdom
1
Heatmap
Tools Used
| Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration |
|---|---|---|---|---|---|---|---|
|
File[.]io
|
Negotiation Chats (2)
YARA Rules (1)
Victims (8)
