Summary: Investigations reveal that the Babuk2 ransomware group is making false extortion claims, reusing data from previous breaches without evidence of new attacks. Despite the group's assertions of conducting multiple attacks, independent analyses show no confirmed incidents of ransomware encryption or intrusions. Businesses must exercise due diligence in verifying any extortion claims to mitigate financial and reputational risks.
Affected: Babuk2 ransomware group
Key points:
- The Babuk2 group is using recycled data from earlier breaches to substantiate its extortion demands.
- No independent confirmations have verified the occurrence of new ransomware incidents attributed to Babuk2.
- Organizations should perform rigorous investigations to confirm the legitimacy of any extortion claims to avoid unnecessary response measures.
Source: https://www.halcyon.ai/blog/babuk2-ransomware-extortion-attempts-based-on-false-claims