Czech Network Security Software Company AVAST creates and releases a decryption tool to help Babuk Lee Software Victims recover files.

Avast ThreatLabs Introduction, the Babuk decryptor is created using the source code and decryption keys that have extended .babuk, .babyk, .Doydo encrypted Babuk victims can be used free of charge. The victims of Babuk Lee Software can download the decryption tool from the AVAST server and decrypt the entire partition according to the user interface prompt. According to the test, the decapitator may only be valid for the victim of the partial key to the Babuk source dump.

The source code and decryption key from a self-claimed Organization is a member of the organizational member. This so-called BABUK member has to make a decision to disclose the source code due to the late cancer. The shared shared document contains different VisualStudio BaBuk Lee Software projects for the VMwareESXI, NAS, and Windows encrypsers, where the Windows folder contains the full source code of the Windows encrypler, the decryptor, and it looks like a private key and public key generator. Content. The document also includes the encryption and decryption program written by the Lesso Software Group for a particular victim.

Babuk Windows Encrypse Source Code

After leakage incident, the EMSISOFT Chief Technology Officer and Lee Software Expert Fabian Wosar said the source code is legal, and the document may also contain the decryption key of the past victims.

Babuk’s turmoil history

Babuklocker, also known as Babyk and Babuk, is a sleeve software action that steals and encrypts dual Lessle attacks when initiating in early 2021. After attacking the Washington DC SAR (MPD), the organization was depated by the US law enforcement department, Babuk was forced to stop action.

Because the organization “admin” wants to disclose the stealing MPD data to the website, it is objected by other members. Since then, Babuk members split into two forces. The original “administrator” launched RAMP online crime website. Other members restarted the lesser in the name of Babukv2, and continued to target and encrypt enterprise data attack.

The RAMP network criminal website is just a series of DDoS attacks soon. “Administrator” believes that the behind-the-scenes behind the attack is his former partner, but Babukv2 denied this.

Reference Source: