An alleged member of the Babuk Ransomware gang recently published their full source code in a popular Russian-language hacking forum.
The leak, which comes from a member claiming to be suffering from cancer, includes everything a threat actor needs to make functional Ransomware executable files. These include including files that contain various Visual Studio Babuk Ransomware projects for VMware ESXi, NAS and Windows encrypts, and much more.
While Babuk uses elliptic-curve cryptography (ECC) as part of its encryption process, researcher Fabian Wosar explained that the folder containing encryption and decryption keys for certain victims of the gang may also contain curve files that could be the ECC decryption keys for the victims.
According to the findings, there are a total of 15 folders with curve files containing possible decryption keys. Experts and researchers have explained that the leak appears to be legitimate after careful investigation.
For more information, read the original story in Bleeping Computer.
