Around mid-year, Lab52 published a report on ransomware that included both geopolitical and cyber intelligence content. The report includes the analysis of different sources of information and showcasing some of our cyberintelligence findings in this regard. However, the activity of this type of malware prompts Lab52 to closely track the various recorded cases. Therefore, taking […]
ransomware
Analyzing the encryption method of emerging ransomware families
Cyble has recently published an analysis of AXLocker ransomware, a new ransomware that has been seen for the first time in november this month. As the article explains, the ransomware encrypts and exfiltrates data using discord. In this report we will focus on the encryption routine of this new artifact, which we can see in […]
Quick review of Babuk ransomware builder
Last week, the builder for the Babuk ransomware family was leaked online. Lab52 has obtained and analyzed this builder sample determining that it is very likely to be authentic. After their recent official move from Ransomware as a Service to data leaks extortions, someone uploaded to virusTotal the ransomware builder for unknown reasons, and it […]