
Babuk Locker is the first new enterprise ransomware of 2021



It’s a new year, and with it comes a new ransomware called Babuk Locker that targets corporate victims in human-operated attacks.

Babuk Locker is a new ransomware operation that launched at the beginning of 2021 and has since amassed a small list of victims from around the world.

From ransom negotiations with victims seen by BleepingComputer, demands range from $60,000 to $85,000 in Bitcoin.

How the Babuk Locker encrypts devices

Each Babuk Locker executable analyzed by BleepingComputer has been customized on a per-victim basis to contain a hardcoded extension, ransom note, and a Tor victim URL.

According to security researcher Chuong Dong, who also analyzed the new ransomware, Babuk Locker’s coding is amateurish but includes secure encryption that prevents victims from recovering their files for free.

“Despite the amateur coding practices used, its strong encryption scheme that utilizes Elliptic-curve Diffie–Hellman algorithm has proven effective in attacking a lot of companies so far,” Dong stated in his report.

When launching the ransomware, the threat actors can use a command-line argument to control whether it encrypts network shares and whether those shares are encrypted before the local file system. The command-line arguments that control this behavior are listed below:

-lanfirst
-lansecond
-nolan

Once launched, the ransomware will terminate various Windows services and processes known to keep files open and prevent encryption. The terminated programs include database servers, mail servers, backup software, mail clients, and web browsers.

When encrypting files, Babuk Locker will use a hardcoded extension and append it to each encrypted file, as shown below. The current hardcoded extension used for all victims so far is .__NIST_K571__.

Babuk Locker encrypted files
Source: BleepingComputer

A ransom note named How To Restore Your Files.txt will be created in each folder. This ransom note contains basic information on what happened during the attack and a link to a Tor site where the victim can negotiate with the ransomware operators.

One of the ransom notes seen by BleepingComputer contains the victim’s name and links to images proving that the threat actors stole…
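The indicators described above (the appended extension, the per-folder ransom note, and the three network-share switches) can be turned into a quick triage check. The following Python is an added example, not code from BleepingComputer or from Chuong Dong's report; the function names, the event field names, and the sample files and records are constructed for illustration.

```python
import os
import tempfile

# Indicators named in the article; hardcoded per build, so point-in-time values.
ENCRYPTED_SUFFIX = ".__nist_k571__"
RANSOM_NOTE = "how to restore your files.txt"
LAN_SWITCHES = {"-lanfirst", "-lansecond", "-nolan"}
# Constructed process-creation records; the field names are assumptions.
SAMPLE_EVENTS = [
    {"host": "FS01", "image": r"C:\Users\Public\svc.exe", "cmdline": "svc.exe -lanfirst"},
    {"host": "WS07", "image": r"C:\Windows\System32\ping.exe", "cmdline": "ping -n 1 10.0.0.1"},
]

def scan_tree(root):
    """Map each affected folder (relative to root) to its indicator counts."""
    hits = {}
    for folder, _dirs, files in os.walk(root):
        names = [name.lower() for name in files]
        encrypted = sum(name.endswith(ENCRYPTED_SUFFIX) for name in names)
        note = RANSOM_NOTE in names
        if note or encrypted:
            hits[os.path.relpath(folder, root)] = {"note": note, "encrypted": encrypted}
    return hits

def flag_command_lines(events):
    """Return (host, image, switches) for process starts using a LAN switch."""
    flagged = []
    for event in events:
        tokens = {token.lower() for token in event["cmdline"].split()}
        matched = sorted(tokens & LAN_SWITCHES)
        if matched:
            flagged.append((event["host"], event["image"], matched))
    return flagged

def build_sample_tree(root):
    """Create a constructed layout: one affected folder and one clean folder."""
    layout = {
        "finance": ["q4.xlsx.__NIST_K571__", "db.bak.__NIST_K571__", "How To Restore Your Files.txt"],
        "public": ["readme.txt"],
    }
    for folder, files in layout.items():
        os.makedirs(os.path.join(root, folder))
        for name in files:
            open(os.path.join(root, folder, name), "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(scan_tree(tmp), flag_command_lines(SAMPLE_EVENTS))
```

Because the extension and note are customized per victim build, a match is useful for scoping an incident already in progress, while a miss says nothing about other builds.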


Top 5 Tips To Implement Mobile Security | @SolutionsReview

The Most Secure Phone? Samsung Knox is Setting the Bar

Global Cyber Security Market (2020 to 2030) – by Component, Security Type, Deployment, Enterprise, Use Case and Industry


DUBLIN–(BUSINESS WIRE)–Nov 19, 2020–

The “Cyber Security Market Research Report: By Component, Security Type, Deployment, Enterprise, Use Case, Industry – Global Industry Analysis and Growth Forecast to 2030” report has been added to ResearchAndMarkets.com’s offering.

In 2019, 1,473 data breaches in the U.S. led to the exposure of 164,683,455 confidential records, as per the Identity Theft Resource Center (ITRC). Additionally, in May 2020 alone, 841,529 records were exposed in 108 data breach incidents. The records ranged from people’s financial and medical information to strongly protected national secrets. Weak passwords, improper configuration, complex access permissions, and malware attacks are the major reasons behind data breaches. Moreover, with more companies transitioning to the cloud, the threat is becoming even more real.

As per the publisher, due to the rising number of such attacks, the cyber security market will grow from $119.9 billion in 2019 to $433.6 billion by 2030, at a 12.6% CAGR between 2020 and 2030. Most people associate cyber security with a simple antivirus, but it is a lot more than that, encompassing application, enterprise, endpoint, network, database, cloud, email, and information security. Among these, the demand for enterprise security solutions is the highest, as organizations are becoming aware of the need to keep their entire IT infrastructure safe from cyber miscreants.

In the coming years, though, the requirement for cloud security solutions is expected to rise the fastest, on account of the burgeoning usage of cloud computing. Cloud allows companies to minimize their IT infrastructure requirement, access the data from anywhere, at any time, and scale the storage capacity up and down as per usage. The 2020 State of the Cloud Report says that by 2023, around $500 billion will be publicly spent on cloud around the world. In 2019, McAfee said that in any company, around 9% of the cloud applications in use are highly vulnerable to cyberattacks.

Apart from the increasing cyberattack incidence, another key driver for the cyber security market is the stringent compliance regulations in numerous countries. To encourage companies to take steps for…
