Babuk Coding Errors Make Data Recovery Impossible

Published: 23/11/2024   Category: security




The ransomware group's decryption tool is poorly designed and coded, leading the group to focus more on data theft than on encryption, researchers report.



The Babuk ransomware gang, which recently announced plans to target Linux/Unix systems in addition to ESXi and VMware systems, is changing its tactics after errors in its code led to issues with decrypting data, researchers report.
"For a long time, ransomware operators were primarily focused on Windows," wrote Thibault Seret, security researcher at McAfee, and Noël Keijzer, who works in digital forensics and incident response at Northwave. Now criminals have begun to experiment with writing binaries in the cross-platform language GoLang (Go). Some ransomware groups, such as Babuk, have branched out to target different operating systems.
Babuk recently announced on an underground forum that it would be developing a cross-platform binary for these *nix operating systems. "Our worst fears were confirmed," the researchers said, noting many core backend systems in organizations run these operating systems. While Babuk is relatively new, its affiliates have aggressively targeted high-profile victims despite problems with the binary that led to issues with decryption, even after the companies paid.
Ultimately, the difficulties faced by the Babuk developers in creating ESXi ransomware may have led to a change in business model, from encryption to data theft and extortion, they explained. The design and coding of the encryption tool are poorly developed, meaning if a victim pays, decryption can be slow, and there is no guarantee that all files will be recovered.
Read the full blog post and technical analysis for more details.
