The Babuk ransomware emerged in January 2021, hitting at least 5 large companies on January 15. Like other ransomware groups, its operators break into a company's network, carefully compromise the entire network, and deploy the ransomware across it.
The group gains access by phishing, a well-known tactic also used by other ransomware groups. Phishing is an attempt to trick users via email, phone calls, social networks, or SMS.
This tactic is easier to fall for than you might think, because the lures closely imitate messages from real companies; the victim falls for the scam and the ransomware is installed.
Babuk has been responsible for major attacks, one of which was the attack on the Washington DC Police Department. In addition to the attack, the group published 250 GB of stolen data on its blog on the deep web.
The ransom the group demands ranges from $60,000 to $80,000. The police probably did not pay it, and their data ended up being leaked.
The Babuk ransomware can break into almost any version of Windows, from Windows XP to Windows 10. It not only breaks into the operating system, it also disrupts some backup and anti-malware services once it is on the computer, making it unstoppable.
The ransomware adds a ‘.babyk’ extension to the encrypted files and leaves the following message at the end of the encrypted files: “choung dong looks like hot dog!!!”
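A triage sketch for the two indicators named above, the '.babyk' extension and the trailing message. This is an added example, not code from the original page; the 4096-byte tail window, the function names and the sample files are assumptions constructed for illustration.

```python
import os
import tempfile

EXTENSION = ".babyk"                            # extension named in the text
MARKER = b"choung dong looks like hot dog!!!"   # trailing message named in the text
TAIL_BYTES = 4096  # assumption: how far back from end-of-file to search

def tail_has_marker(path, tail_bytes=TAIL_BYTES):
    """True if the marker occurs in the last tail_bytes of the file."""
    size = os.path.getsize(path)
    with open(path, "rb") as fh:
        fh.seek(max(0, size - tail_bytes))  # small files are read whole
        return MARKER in fh.read()

def triage(root):
    """Walk root and group files by which indicators they show.
    both           -> renamed and carrying the marker
    marker_only    -> marker present although the name looks normal
    extension_only -> renamed but no marker in the tail (needs manual review)
    unreadable     -> could not be opened; recheck with higher privileges
    """
    report = {"both": [], "marker_only": [], "extension_only": [], "unreadable": []}
    labels = {(True, True): "both", (False, True): "marker_only",
              (True, False): "extension_only"}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                marked = tail_has_marker(path)
            except OSError:
                report["unreadable"].append(path)
                continue
            label = labels.get((name.lower().endswith(EXTENSION), marked))
            if label:
                report[label].append(path)
    return report

def build_sample_tree(root):
    """Constructed sample files, not real ransomware output."""
    samples = {"report.docx.babyk": b"\x00" * 8192 + MARKER,
               "renamed.xlsx": b"\x01" * 100 + MARKER,
               "notes.babyk": b"plain text",
               "clean.txt": b"hello"}
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for label, paths in triage(tmp).items():
            print(label, sorted(os.path.basename(p) for p in paths))
```

Run `triage()` against a read-only mount or a forensic copy so the scan does not alter timestamps on the affected volume.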
Recovering Files Encrypted by Ransomware Babuk
The Babuk ransomware is extremely complex and sophisticated, making any company using the Windows operating system a potential victim.
We know how disastrous a successful Babuk ransomware attack can be for a company, so we have developed unique solutions to recover data that has been encrypted, even without the decryption key.
We can recover encrypted data through a proprietary technology called Tracer, which can recover data on any storage device, such as HDs, SSDs, servers, storage, databases, RAID systems, virtual machines and others.
All our procedures are done in accordance with the confidentiality agreement (NDA).
Contact one of our specialists and start the recovery process right now.