fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Babuk Ransomware Readies ‘Shut Down’ Post, Plans To Open Source Malware

Babuk Ransomware Readies ‘Shut Down’ Post, Plans To Open Source Malware

After just a few months of activity, the operators of Babuk ransomware briefly posted a short message about their intention to quit the extortion business after having achieved their goal.

Unlike other gangs that chose to release decryption keys or even return the collected ransoms, Babuk’s final gesture is to pass the torch to others.

Hanging up the encryption keys

Earlier today, the Babuk ransomware gang said in a message titled “Hello World 2” on their leak site that they had achieved their goal and decided to shut down the operation.

However, they would not leave the stage without a legacy: the source code for Babuk file-encrypting malware would be publicly available once they terminated the “project.”

The message suffered modifications and was visible for a short while on the main page of the site, though. In one version captured by Dmitry Smilyanets of Recorded Future, the cybercriminals said that breaching “PD was our last goal,” a clear reference to their latest victim, the Metropolitan Police Department (MPD). As seen in the screenshot below, “PD” was also in the title.

Another variant of the message, captured by BleepingComputer, did not have “PD” mentioned at all, potentially suggesting that the gang is preparing to end its operations in the foreseeable future, after having compromised a different victim.

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

Nevertheless, one part of the message is clear in both versions of the message. Whenever the Babuk ransomware gang decides to call it quits, at least under the Babuk name, they would “do something like Open Source RaaS, everyone can make their own product based on our product and finish with the rest of the RaaS.”

Babuk’s latest victim is the Metropolitan Police Department (MPD), the main law enforcement agency in Washington, DC, who confirmed the breach to BleepingComputer.

This came after the cybercriminals said that they had stolen 250GB of data before encrypting MPD’s computers and published screenshots of folders stolen in the attack to prove their claims.

Also Read: Data Protection Officer Singapore | 10 FAQs

Brief stint, plenty of victims

Babuk ransomware emerged at the beginning of the year. Right from the start it targeted victims all over the world and demanded ransoms between $60,000 to $85,000 in bitcoin cryptocurrency.

Analysis from BleepingComputer showed that every executable of this ransomware strain was customized for each victim with a hardcoded extension, ransom note, and Tor URL for contact.

Initially, Babuk ransomware operators said that they would not target several types of organizations in the healthcare, non-profit, education, small business sector, with some exceptions.

In a subsequent post on their leak site, the gang clarified that their attacks had started since at least mid-October 2020 and removed the previously-mentioned exceptions.

It is unclear how many organizations fell victim to the Babuk ransomware operation but the leak site currently lists well over a dozen companies that did not pay the ransom.

Others may be available on hidden pages, as is now the case of the Metropolitan Police Department, which is no longer listed on the main page but still has its place on the leak site.

Of note, other ransomware gangs in the past trumpeted that they were leaving the ransomware business only to return under a different name. Even if developers retire, affiliates will jump to a different RaaS operation, as was the case when Maze shut down and Egregor ransomware adopted many of the former’s affiliates.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us