Hackers flooded the Babuk ransomware gang’s forum with gay porn images

The Babuk ransomware operators seem to have suffered a ransomware attack, threat actors flooded their forum gay orgy porn images.

At the end of June, the Babuk Locker ransomware was leaked online allowing threat actors to use it to create their own version of the popular ransomware.

The Babuk Locker operators halted their operations at the end of April after the attack against the Washington, DC police department. Experts believe that the decision of the group to leave the ransomware practice could be the result of an operational error, it was a bad idea to threaten the US police department due to the information that it manages.

The ransomware gang broke into the Washington, D.C., Metropolitan Police Department, encrypted its files and demanded a $4 million ransom.

At the end of May, the Babuk ransomware operators rebranded their ransomware leak site into Payload.bin and started offering the opportunity to other gangs to use it to leak data stolen from their victims.

The builder allows creating custom versions of the Babuk Locker ransomware that works for Windows systems, ARM-based network storage attached (NAS) devices, and VMWare ESXi servers.

Now the group seems to have suffered a ransomware attack, threat actors flooded their forum, a Dark Web ransomware forum called RAMP, with gay orgy porn images. The attackers also demanded $5K in bitcoin to the Babuk gang that refused to pay the ransom.

The analysis of the Bitcoin address used by the threat actor to request the payment is still empty.

According to The Record, the Babuk operators were forced to wipe their forum clean at least on two occasions as a result of the attack.

Even if the Babuk operators have wiped the forum several times, the attacker was still able to flood it with pornographic GIFs.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Babuk ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.