International. So far, victims of the Babuk ransomware are estimated to have paid about $13 million to recover information hijacked by the malicious actor, first identified in 2020.
It is estimated that the actors behind the virus have made additional ransom demands of more than US$49 million, mainly in countries such as the United States, Spain, Italy, the United Kingdom, Germany, South Africa, India, China and the United Arab Emirates.
Like other threats of its kind, Babuk has the ability to encrypt the files of a computer system and demand a financial ransom in exchange for its release. Over the past three years, its increasing use has been evidenced in attacks targeting businesses and organizations around the world.
Characteristics and impact of attacks
Babuk ransomware is able to carry out actions such as file encryption, data exfiltration, sending ransom notes, distribution through phishing, potential damage to systems and data, and focus on ransom.
Cybersecurity company HelpRansomware describes its impact as significant, both operationally and financially, for affected organizations. In addition, it discourages the payment of ransoms because they do not guarantee the recovery of encrypted files and are illegal.
"Encryption of critical files can result in the loss of valuable data and affect business continuity. In addition, ransom demands are often high, which can lead to considerable financial costs for victims. It is also important to note that, even if the ransom payment is made, there is no guarantee that the files will actually be released," he said in a statement.
How to protect yourself from Babuk?
For HelpRansomware, protecting a company from Babuk requires a combination of security measures including constant software updates, the use of robust security solutions, and regular backups.
Additionally, it considers it essential to offer employee training, the establishment of security policies and the permanent monitoring and auditing of systems.