Red Hot Cyber


Babuk Locker 2.0: The New Ransomware Affiliate Program

Pietro Melillo : 13 March 2025 22:54

Babuk, one of the most notorious ransomware groups in cybercrime, has launched the Babuk Locker 2.0 Affiliate Program 2025, an affiliate program for skilled hackers looking to profit from ransomware attacks. This program, published on their data leak site, introduces new advanced features and a more structured model for those wishing to join their criminal network.

How the Program Works

Babuk Locker 2.0 accepts affiliates from all over the world, regardless of language or origin, provided they have experience in penetration testing and compromising IT systems. Their goal is clear: maximize profits through targeted attacks and manage ransom payments more efficiently. The platform allows affiliates to independently handle communications with victims and extortion operations.

New Features of the Platform

The new version of Babuk Locker introduces several features to simplify cybercriminal operations, including:

  • Tor-based control panel: An interface for managing attacks and negotiating ransoms.
  • Chat with victims: A messaging system with notifications and file transfer.
  • Decryption verification: The ability to demonstrate to victims that the ransomware can effectively restore files.
  • Babuk Stealer: A module for stealing data before encryption.
  • Automatic data upload: Affiliates can upload stolen information directly to the group’s blog.
  • Network scanner: To identify shared resources within the victim’s network.
  • Automatic ransomware distribution: The malware spreads without the need for scripts or advanced configurations.

How Much Affiliates Earn

Babuk Locker 2.0 enforces a fixed 10% commission on ransom payments received by affiliates. Each affiliate negotiates directly with the victim and then transfers the required percentage to the Babuk group. To ensure participant credibility, the program requires a deposit of $25,000 USD in Bitcoin, a strategy aimed at filtering out law enforcement infiltrators or undercover investigators.

Who Can and Cannot Be Targeted

Babuk has established some rules regarding attack targets:

  • Prohibited attacks on critical infrastructure: Nuclear power plants, public hospitals, and post-Soviet organizations are off-limits.
  • Allowed targets: Private companies, for-profit educational institutions, pharmaceutical firms, and aesthetic clinics.
  • Encouraged attacks: Law enforcement agencies and government organizations involved in cybercrime investigations.

Conclusion

The Babuk Locker 2.0 Affiliate Program 2025 demonstrates how ransomware is becoming more sophisticated and structured. With increasingly advanced tools and direct control over negotiations, the Babuk group positions itself as one of the most dangerous actors in the cybercriminal landscape. For companies, staying vigilant and strengthening security measures is the only way to counter these ever-growing threats.

Pietro Melillo
Head of the Dark Lab group. A computer engineer specialised in cyber security with a deep passion for hacking and technology, he is currently CISO of WURTH Italia. He was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM and carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio as a Ph.D., including authoring scientific papers and developing tools to support cybersecurity activities. He leads the CTI team "RHC DarkLab".