Babuk crew announced it will stop ransomware attacks

Pierluigi Paganini May 01, 2021

Babuk ransomware operators shut down their affiliate program and announced to stop using ransomware, the group plans to move on data theft.

Recently the Babuk ransomware operators made the headlines for the ransomware attack against the DC Police Department. Experts believe that the decision of the group to leave the ransomware practice could be the result of an operational error, it was a bad idea to threaten the US police department due to information that it manages.

Now the group announced it will stop conducting ransomware attacks and will no longer provide such services to its network of affiliates, it plans to move data theft to extort money to the victims.

The decision of the group was published on their leak site, the statement announced that they will also open-source their ransomware code.

The message remained online for a couple of hours, then the group posted a new announcement. The new message did not explain that the group will stop orchestrating ransomware attacks but will focus on compromise organizations to steal sensitive data.


The group will threaten to leak the stolen data if the victims will not pay the ransom.

The group also offers to other ransomware gang the opportunity to leak stolen data on its leak site.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Babuk ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment