Red Hot Cyber

Babuk Locker 2.0: The New Ransomware Affiliate Program

Pietro Melillo : 13 March 2025 22:54

Babuk, one of the most notorious ransomware groups in cybercrime, has launched the Babuk Locker 2.0 Affiliate Program 2025, an affiliate program for skilled hackers looking to profit from ransomware attacks. This program, published on their data leak site, introduces new advanced features and a more structured model for those wishing to join their criminal network.

How the Program Works

Babuk Locker 2.0 accepts affiliates from all over the world, regardless of language or origin, provided they have experience in penetration testing and compromising IT systems. Their goal is clear: maximize profits through targeted attacks and manage ransom payments more efficiently. The platform allows affiliates to independently handle communications with victims and extortion operations.

New Features of the Platform

The new version of Babuk Locker introduces several features to simplify cybercriminal operations, including:

  • Tor-based control panel: An interface for managing attacks and negotiating ransoms.
  • Chat with victims: A messaging system with notifications and file transfer.
  • Decryption verification: The ability to demonstrate to victims that the ransomware can effectively restore files.
  • Babuk Stealer: A module for stealing data before encryption.
  • Automatic data upload: Affiliates can upload stolen information directly to the group’s blog.
  • Network scanner: To identify shared resources within the victim’s network.
  • Automatic ransomware distribution: The malware spreads without the need for scripts or advanced configurations.

How Much Affiliates Earn

Babuk Locker 2.0 enforces a fixed 10% commission on ransom payments received by affiliates. Each affiliate negotiates directly with the victim and then transfers the required percentage to the Babuk group. To ensure participant credibility, the program requires a $25,000 USD deposit in Bitcoin, a strategy aimed at filtering out law enforcement infiltrators or undercover investigators.

Who Can and Cannot Be Targeted

Babuk has established some rules regarding attack targets:

  • Prohibited attacks on critical infrastructure: Nuclear power plants, public hospitals, and post-Soviet organizations are off-limits.
  • Allowed targets: Private companies, for-profit educational institutions, pharmaceutical firms, and aesthetic clinics.
  • Encouraged attacks: Law enforcement agencies and government organizations involved in cybercrime investigations.

Conclusion

The Babuk Locker 2.0 Affiliate Program 2025 demonstrates how ransomware is becoming more sophisticated and structured. With increasingly advanced tools and direct control over negotiations, the Babuk group positions itself as one of the most dangerous actors in the cybercriminal landscape. For companies, staying vigilant and strengthening security measures is the only way to counter these ever-growing threats.

Pietro Melillo
Head of the Dark Lab group. A computer engineer specialised in cyber security with a deep passion for hacking and technology, he is currently CISO of WURTH Italia and was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM. He carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio as a Ph.D., and is an author of scientific papers and a developer of tools to support cybersecurity activities. He leads the CTI team "RHC DarkLab".