Home > Security > Security News

The Builder of the ‘Babuk Locker’ Ransomware Has Leaked Online

Last updated September 17, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist
source code

It appears that the tool with which one can build the ‘Babuk Locker’ ransomware has now leaked online and is available to anyone interested in getting a copy for free. TheRecord has obtained a copy and tested the builder to see if it’s legit, and they confirmed that it appears to be the real deal.

Babuk ran its ransomware operations for only a short while but managed to achieve notable success nonetheless, with widely publicized incidents like the attack on the Washington D.C. Metropolitan Police, the Houston Rockets, and Yamabiko.

Source: TheRecord

Soon, the group’s main operator decided to sell the source code to other actors and focus on an encryption-less style of attacks, just stealing data from the compromised networks and then extorting the victims to pay a ransom. Indeed, by the start of this month, we saw Babuk launching a new portal called ‘Payload Bin’ and exiting the encryption game for good.

The details behind the leak of the building tool are unclear right now, and it could be that the person who bought it from Babuk just published it or that this is the result of a compromise. Whatever happened, the key takeaway from this is that a powerful ransomware tool is now circulating freely on hacking forums, and there are many malicious actors who would be eager to experiment with it.

Source: TheRecord

Whenever something like that happens, two main forces come into play. One is a natural uptick in the deployment of the leaked malware, and the second is the white-hat community being given an excellent opportunity to analyze the nasty code and create a matching defense and decryption tool. Unfortunately, only the first aspect is guaranteed, so attempts to infect systems with Babuk Locker will definitely see a rise now.

As TheRecord reports, this leak almost coincides with the leak of the ‘Paradise’ ransomware builder on a popular underground forum, which is a weird coincidence for sure. Whether or not the two occurrences are linked in any way, though, remains a question.

More on Security
Add a Comment
Related
Marks & Spencer Cyberattack
Marks & Spencer Breach Exposes Customer Data Due to Third Party, DragonForce Claims Attack
Hacker Explores Kitsap Mental Health Services Systems and then Steals Data Next Month
Oxford Life Insurance Company Confirms Hacker Accessed Financial Data this February
Massive Alleged Steam Data Breach Results in Over 89 Million Records for Sale
LockBit Ransomware Gang Affiliates Breached, Victim Negotiations Exposed
hospital
Ascension Health Data Breach Exposes Patient Information for the Second Time in a Year
Most Popular
The Handmaid's Tale
The Handmaid’s Tale Season 6 Episode 9 Ending Explained: Nick, Lawrence, and June’s Fates
Italian Watchdog Fines ‘Replika’ AI Chatbot Developer Over Data Processing Protocol Concerns
Bring Her Back movie
Bring Her Back: All About the Horror film Dealing with a Mother’s “Unending Cycle of Grief”
Google Chrome
Google Issues Emergency Chrome Update to Patch an Actively Exploited Vulnerability
Taylor Swift and Elisabeth Moss
The Handmaid’s Tale Season 6: Taylor Swift Premieres Re-Recorded song Ahead of Reputation
The Wonderfully Weird World of Gumball
All About The Wonderfully Weird World of Gumball: Beloved Series Returns in a new Blended Animation Style
The Handmaid’s Tale Season 6 Episode 9 Ending Explained: Nick, Lawrence, and June’s Fates
Italian Watchdog Fines ‘Replika’ AI Chatbot Developer Over Data Processing Protocol Concerns
Bring Her Back: All About the Horror film Dealing with a Mother’s “Unending Cycle of Grief”
Google Issues Emergency Chrome Update to Patch an Actively Exploited Vulnerability
The Handmaid’s Tale Season 6: Taylor Swift Premieres Re-Recorded song Ahead of Reputation
All About The Wonderfully Weird World of Gumball: Beloved Series Returns in a new Blended Animation Style

Most Popular
The Handmaid's Tale
The Handmaid’s Tale Season 6 Episode 9 Ending Explained: Nick, Lawrence, and June’s Fates
Italian Watchdog Fines ‘Replika’ AI Chatbot Developer Over Data Processing Protocol Concerns
Bring Her Back movie
Bring Her Back: All About the Horror film Dealing with a Mother’s “Unending Cycle of Grief”
Google Chrome
Google Issues Emergency Chrome Update to Patch an Actively Exploited Vulnerability
Taylor Swift and Elisabeth Moss
The Handmaid’s Tale Season 6: Taylor Swift Premieres Re-Recorded song Ahead of Reputation
The Wonderfully Weird World of Gumball
All About The Wonderfully Weird World of Gumball: Beloved Series Returns in a new Blended Animation Style
The Handmaid’s Tale Season 6 Episode 9 Ending Explained: Nick, Lawrence, and June’s Fates
Italian Watchdog Fines ‘Replika’ AI Chatbot Developer Over Data Processing Protocol Concerns
Bring Her Back: All About the Horror film Dealing with a Mother’s “Unending Cycle of Grief”
Google Issues Emergency Chrome Update to Patch an Actively Exploited Vulnerability
The Handmaid’s Tale Season 6: Taylor Swift Premieres Re-Recorded song Ahead of Reputation
All About The Wonderfully Weird World of Gumball: Beloved Series Returns in a new Blended Animation Style

TechNadu keeps you informed with the latest in cybersecurity, VPNs, streaming, and technology. From expert guides to in-depth reviews, we provide the knowledge you need to stay secure and connected in the digital world.

© 2025 TechNadu. All Rights Reserved. TechNadu is a part of Leaprove Media LLP.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: