Spammer floods the Babuk ransomware gang's forum with gay porn GIFs
A spammer has flooded the forum of the Babuk ransomware group with gay orgy porn GIFs after the Babuk gang failed to pay a $5,000 ransom demand the threat actor made on Friday.
While initially, the Babuk gang derided the extortion attempt and deleted the spammer's initial post, hundreds of forum topics have been created today on the forum.
User profiles registered by The Record have disappeared twice today, suggesting the Babuk gang has wiped its forum clean at least on two occasions as a result of the spam waves that have flooded the site over the weekend.
However, despite today's spam wave, the Babuk group has dug its heels in and has refused to pay the ransom and make the spammer go away.
A Bitcoin address where the threat actor requested payment has not yet received any funds.
Although most properly configured forums have ways to deal with comment spammers, news of today's spam incident is almost certain to have a negative impact on the Babuk gang's future plans.
The group, which "formally" retired from carrying out ransomware operations in late April after they ransomed the Washington DC police department, had been going through a rebranding phase.
While at first they rebranded as Payload.Bin and offered to host a "leak site" for other ransomware gangs, they had a change of plans two weeks ago when they decided to run a forum on the dark web where all the ransom gangs, initial access brokers, and other cybercrime groups could meet and do business — after the three major hacking forums banned ransomware discussions in late May.
With the forum failing to gain any significant traction among other cybercrime groups, login bugs, and DDoS attacks, today's incident is probably the final nail in the coffin to Babuk's plans of becoming some sort of ransomware go-to hub.
Catalin Cimpanu
is a cybersecurity reporter who previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.