What ransomware can do to us is well known, from crippling businesses to bringing critical infrastructure to a grinding halt. It can make intellectual property worthless to its owner, who then has to pay a ransom to get back his own creation. You may have to give up your sensitive and personally identifiable data, bringing untold misery to your business organisation. Even if you pay, you don’t know how much of the damage can be limited; the ransomware gang is the reigning deity. You would never have heard of a criminal gang having a virtual presence anywhere, giving details of its trade like any other business, but ransomware gangs are different.

They operate in a style supposedly out of reach of law enforcement, investigative and intelligence agencies. A Silk Road type investigation is rare, more so when the geographical location remains completely unknown or is a foreign land. Strange is the darknet, the world the ransomware gangs generally inhabit: the TOR hidden services, what can be called the crevices of the internet. Through the TOR web browser and the onion v3 link you can reach Babuk ransomware’s site. If you forget the pathway you took to reach the website, you will find it to be like any other business website. The business is virtual, criminal and global.

The home page talks of organizations they don’t lay their hands on, to give a fair idea of their “moralistic stand.” Hospitals, non-profits, schools and small businesses don’t fall in their target group. Major universities and businesses with more than $4 million can still be targeted. There is an About Us section too. What is Babuk? Non-malicious, uses strong symmetric encryption. The ransomware is called an audit. They have payment rules in minute detail, and instructions on how the decryptor can be used once the payment is made. They seem to be trying to build a weird proposition with the victim and also to create credibility that they would deliver on the ransom paid. Reputation!

The prize catch is put on the Leaks Data section of the website. All leaked data seem to be from 2021. Some screenshots are also displayed. The documents, files and data are all there. This can be called the public victim page. Passports are there too. 400 GB of data, and there is an image gallery. Babuk also boasts of its exalted position in the ransomware world. They have a blog too. This is one of many criminal ransomware gangs in the darknet. Lots of them claim to be nonchalant. Navigating the darknet, scraping information from it, finding out the ransomware gangs’ mindset, and connecting it to cyber intelligence and business risk need to happen. It cannot be allowed to stay hidden while it keeps devastating our lives endlessly.

Sanjay Sahay

