The District of Columbia Central Police Department reported a hack and possible data leak after screenshots of internal files from the department’s servers were published on the website of the ransomware Babuk Locker. Now Babuk Locker ransomware operators threatened to disclose police informants.
Babuk Locker operators claim to have hacked into law enforcement’s internal network and stolen 250 GB of data. On their website, the ransomware posted screenshots of various folders that were stolen during the attack. As the names suggest, these folders contain many files related to police operations, disciplinary records, and files related to gang members and criminal gangs.The hackers warn that law enforcements have three days to contact them and pay the ransom. Otherwise, the attackers threaten to contact the gang members featured in the documents and warn them about police informers.
DC Police officials said that they are still investigating the leak to determine its full impact. The department has already engaged the FBI to help with the investigation.
Babuk Locker is a very young ransomware. It was first spotted in January 2021, but over the past months it has attacked several major companies, including the Spanish phone retailer Phone House and the Houston Rockets basketball club.
One of the group’s most distinguishing features is the ransomware payload’s ability to encrypt files stored on shared VMWare eSXI virtual hard disks. It is one of three ransomware strains (along with Darkside and RansomExx) that can do this.
Last week, experts from Emsisoft warned that the hacker’s decryptor contains dangerous bugs that can lead to the destruction of the victim’s files. A few days later, the authors of Babuk Locker reported on a hacker forum that they had fixed this bug.
Let me remind you that I also said that Intelligence agencies often forget to remove sensitive data from PDF documents, as well as that Clop ransomware operators leaked data from two universities.
