
Threat Alert: New Babuk Ransomware Variant Discovered

Morphisec has discovered a brand-new variant of Babuk ransomware. The new variant uses the Babuk ransomware source code leaked on Russian-language hacker forums last year, combined with new evasive techniques based on open-source loaders.

Threat actors used this previously unseen variant to target a large manufacturing company with more than 10,000 workstations and server devices. The attack bypassed the customer’s next-generation antivirus (NGAV) and endpoint protection platform (EPP). The new variant could also evade industry-leading endpoint detection and response (EDR) solutions at the time of the attack.

Watch this special 30-minute virtual session to hear exclusive details about the attack, including: 

  • Technical analysis of the ransomware, including indicators of compromise (IOCs) and the differences between the original Babuk ransomware and the new variant
  • Techniques the ransomware uses to evade NGAV, EPP, and EDR solutions
  • Recommendations for adjusting your security posture to protect against the new threat


Nadav Lorber | Security Research Team Lead

Oren T. Dvoskin | Product Marketing Director - Moderator