Blacktail Leverages LockBit and Babuk Source Code to Build Buhti

30-May-23

The encryptor source code from the LockBit and Babuk ransomware was leaked and is now being used by a new ransomware operation known as Buhti. The operation also exfiltrates data using a custom-built information stealer. Research indicates that the developer of this ransomware, a new group called Blacktail, is not connected to any known threat groups.

Researchers from Symantec found new samples of this malware that target Windows machines. These samples use LockBit Black, a modified variant of LockBit 3.0. The source code for the Windows LockBit 3.0 builder was leaked in September 2022. The first samples, which Unit 42 found in February, targeted only Linux.
