Babuk Locker ransomware operators have leaked personal files belonging to police officers from the Metropolitan Police Department (also known as MPD or DC Police) after negotiations went stale.
The documents published on Babuk Locker’s dark web leak portal include 150 MB worth of data from DC Police officers’ personal files.
“The negotiations reached a dead end, the amount we were offered does not suit us, we are posting 20 more personal files on officers, you can download this archive, the password will be released tomorrow,” Babuk Locker said.
The ransomware gang claims the data was leaked because the amount of money the DC Police was willing to pay did not match Babuk Locker’s ransom demands.
Babuk Locker added that all the data would be leaked if the DC Police is unwilling to meet their demands. “If during tomorrow they do not raise the price, we will release all the data,” the ransomware operators said.
BleepingComputer has not been able to independently verify if the ransomware gang’s claims are true or if the DC Police offered to pay any ransom.
A DC Police spokesperson was not available for comment when contacted by BleepingComputer earlier today.
Ransomware incident confirmed by DC Police
Last month, when MPD confirmed the attack, Babuk Locker said they had compromised the DC Police’s networks and stolen 250 GB of unencrypted files.
At the time, the ransomware gang also posted screenshots of folders containing data allegedly stolen during the breach.
The folders’ names point to internal files related to police operations, investigation reports, disciplinary records, as well as files related to gang members and ‘crews’ operating in DC.
DC Police told BleepingComputer the breach is under investigation to determine the full impact. The police department has also engaged the FBI to help them investigate the incident.
Last month, Babuk Locker also breached the network of the NBA’s Houston Rockets, who were transparent about the ransomware attack.
Surprisingly, the ransomware gang suddenly took down the stolen Houston Rockets data from their website after leaking it.
Plans to move to an extortion-only “business” model
After disclosing their attack on DC Police’s network, Babuk Locker operators posted and deleted two announcements about plans to shut down operations and open-source the ransomware.
Sometime later, the ransomware gang said that they would instead close their affiliate program and move to an extortion-only model that does not rely on encrypting victims’ systems after stealing sensitive data.
This move might have also been prompted by bugs affecting Babuk Locker’s decryptor discovered by cybersecurity company Emsisoft, bugs that could destroy the victims’ files while they were being decrypted and, potentially, lead to revenue losses for the gang in the future if victims refused to pay ransoms.
Babuk Locker began operating in January, when they also started leaking data stolen from their targets on hacker forums and, later on, on their data leak portal.
Since then, the ransomware gang has slowly expanded its operations as they recruited more affiliates to compromise even more enterprise networks.