babuk2

1 incident | 1 country | 0 sectors | ransomware | RU | Latest: 2026-06-25
Aliases: SkyWave, Bjorka, Satanlock, babuk 2.0, Babyk
Babuk2 emerged in early 2025, operating under the aliases Bjorka and Skywave, and is widely regarded as a copycat group distinct from the original Babuk ransomware operation that became defunct in 2021. This iteration leverages the notoriety of the original Babuk and the Bjorka persona, a figure known for targeting the Indonesian government, to primarily achieve financial gain through data theft and extortion. The group is characterized by inconsistent and chaotic behavior, frequently recycling data from previous breaches by other threat actors, leading to questions about the authenticity and technical validation of their claimed compromises. Babuk2's defining trait is its reliance on public perception and the fear generated by the Babuk name rather than consistently demonstrating advanced technical capabilities, often utilizing previously leaked information to create the illusion of new, successful attacks.
MITRE techniques
T1074, T1490, T1486

RansomLook pivots

Data, intelligence and external references for cross-checking the actor's ransomware activity.

Victims: 0
Unique TTPs: 0
Historical stolen data: N/A
Ransoms demanded: N/A
Payments detected: N/A

Affected countries

United Kingdom (1)

Target countries (SOCRadar)

United Arab Emirates, Austria, Australia, Brazil, Canada, China, Colombia, Germany, Ecuador, Spain

Target sectors (SOCRadar)

Other Information Services, Real Estate, Hospitals, Accommodation, Air Transportation, Manufacturing, Construction, Public Administration, Oil & Gas, Educational Services

New URLs detected in IntelTracker

ransomware.anggipradana.com