iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The Babuk ransomware’s adoption of live beta testing on its victims causes encryption ‘beyond repair’ via a faulty decryptor, a McAfee report has found.
The McAfee report, titled Babuk: Moving to VM and *nix Systems Before Stepping Away, has found that a faulty binary or a faulty decryptor could be encrypting files "beyond repair" for many Babuk ransomware victims.
Since Babuk has adopted live beta testing on its victims regarding its Golang binary and decryptor development, McAfee has pinpointed several flaws that demonstrated how the decryption process fails in certain instances, causing irrecoverable damage, even if a decryptor is secured.
McAfee has found both the design and coding of the decryption tool are poorly developed, which means that if companies decide to pay the ransom, the decoding process for encrypted files can be very slow and does not guarantee that all files will be recoverable.
The Babuk threat actor has only been active for only a short time and the move away from an encryption/ransom model and has caused a significant damage by operating with faulty ransomware. McAfee concluded that the poorly designed ransomware prompted the threat actor's transition into extortion and theft.
Nastasha is a Journalist at Momentum Media, she reports extensively across veterans affairs, cyber security and geopolitics in the Indo-Pacific. She is a co-author of a book titled The Stories Women Journalists Tell, published by Penguin Random House. Previously, she was a Content Producer at Verizon Media, a Digital Producer for Yahoo! and Channel 7, a Digital Journalist at Sky News Australia, as well as a Website Manager and Digital Producer at SBS Australia. Nastasha started her career in media as a Video Producer and Digital News Presenter at News Corp Australia.
Be the first to hear the latest developments in the cyber industry.
