In late April 2021, the District of Columbia Central Police Department reported a hack and possible data leak after screenshots of internal files from the department’s servers were published on the Babuk Locker ransomware website.
Then the hackers said that they gained access to the internal network of law enforcement officers and stolen 250 GB of data. They posted screenshots of various folders that were stolen during the attack. As the names suggest, these folders contain many files related to police operations, disciplinary records, and files related to gang members and criminal gangs.The hackers warned that the police have three days to contact them and pay the ransom. Otherwise, they threatened to contact the gang members featured in the documents and warn them about police informers.
As the Bleeping Computer now reports, the hackers have not yet implemented these threats, but the situation continues to evolve. So, after the break-in, the negotiations of the extortionists with law enforcement officers reached an impasse. As a result, Babuk Locker operators began posting police officers’ personal files on their website and are threatening to continue.
Currently, the site of the criminals contains 150 MB of personal files of police officers.
Hackers write:
The journalists were unable to verify whether the ransomware claims were true, and whether the police really offered the criminals any money. However, a little later, the hackers released screenshots on their website, which allegedly are the result of negotiations between them and the DC police. It looks like the attackers demanded a ransom of $4,000,000, and the police offered them $100,000 in response.
The police do not comment on this in any way, they only note that the FBI has already joined the investigation of the incident.
Let me remind you that shortly after the hacking of the police department, the hackers announced that they would change their “business model”, and Babuk would become an open source RaaS. Then the attackers wrote that they were planning to engage in pure extortion (without encrypting the systems of the affected companies and organizations).
