Babuk RANSOMWARE Leak Site (Dark Web Documentary #09)
- Added 27. 07. 2024
Thank you for deep diving into these data dumps and risking getting on the bad side of CZcams in order to raise awareness, John. Truth be told, most of these organisations most likely have very little idea to what extent they have been compromised and what types of data have been stolen from their systems.
CZcams loves MAP's...
As usual, amazing content John. Thank you.
Off-limit entities, rules, and pretending to be a professional IT service....... The mental gymnastics this group is going through to attempt to morally justify their behavior is next level.
Interesting series. I've been enjoying these.
This series is so interesting, thanks for sharing this! You're a cyberhero, John
Love your videos, keep it up.
Thank you for drilling down into this for us, was very informative
For those who don't know, Babuk is defunct afaik; one of their developers first leaked their builder, & then leaked the src to the ransomware.
Fun fact: Babuk is the second fastest ransomware behind Lockbit.
Fun…
I saw you at Blackhat! I was working as one of the conference associate team leads and couldn't step away 😥
Hi
I've really been enjoying this series. You should team up with the mob reporter for one of these haha
Loved it. Always insightful.
just like everyone else in the comment section - great work - thanks for your time John
From 36k to nearly 500k sub you're amazing man
You should totally go in Jack Rhysider's Darknet Diaries podcast.
You're my hero!
That was great, more of those, please!
Feds to John - Why are you visiting the Dark Web 👮?
John - For educational, historic and scientific purposes
Feds - Alright, have a nice day
Visiting Dark web is not illegal tho
@k4m1kazep1lot4 that's why they just ask and wish him a nice day. curious bunch the feds ^_^°
The term "audit" cracks me up. We are not stealing we are auditing.
Nice content!
Great insight
Thank you John 😊
Such good people. Non-malicious activity and out of a good heart for sure
Hi John. I work as a cybersecurity specialist for an organization here in the U.S. Out of curiosity, where do you get your sources to find sites like these? They may come in handy for future research.
His previous video, #8, went into this a little bit: some index of sites that listed some of these organisations' onion addresses.
There’s a clear net site I’ve used with tons of success called ransom wiki or something similar.
KEEP GOING BRO
You could try hashing things like the date or the name of the affected company and see if you can produce the same hash and then enumerate with a wordlist of known victims of Babuk / iterate the date
Where can I find the other 8 videos? Is there a playlist for this?
Hello, I know it's not on topic, but in Ur old videos (at least those are what I'm watching) You always say, "well that's how it is on linux, and if U're not on linux You should wonder why You aren't."
And it really made me wonder what's the difference in everyday life usage? If we don't count executables like playing games and maybe being the real owner of OS/PC, that just leaves us with different libraries for programming? I really am curious, because there's definitely something that I'm missing, would much appreciate a link to a video explaining (if one as such exists) or just a reply. Anyway Thanks a lot for the content U have made in the past and probably future, once I get to that point :- D
quick technical question:
They say they use symmetric encryption. I am somewhat confused about that, wouldn't it make more sense for a ransomware to use asymmetric keys? If my understanding is right, with a symmetric key, the same key used for encryption could be used for decryption; doesn't this defeat the purpose of the whole attack, since theoretically the key could be extracted from the ransomware executable?
they use the key to encrypt it and delete the key
@k4m1kazep1lot4 could you please elaborate?
I can get and to a degree respect the notion of "Hey we don't target these X targets, it crosses my personal moral barrier" (which if you don't believe, do you think every thief is willing to commit murder? Most criminals are still going to have that ceiling for how much harm they're willing to commit and that ceiling is gunna vary from person to person).
But oh boy that "about us" is such a weird mix of gaslighting and copium lol. It's gotta be a joke that they just think it's funny to couch things in that language.
Best series
John has discovered that videos about the dark web have more visits
Thanks👍
good video
I always sit and wonder if the people from Anonymous, Babuk or other groups might be watching these videos, chuckling to themselves in a dark room with a singular desk lamp on and their hood up 🤣
Just forget the hood.
Hey my brother, thank you first of all, and I'll have a few questions for you if you have time... let me know. I'm definitely better in French or Spanish but I'm able to talk with you in your language, sorry if I look weird. Thank you again.
My question is, how do you find these websites?
Great job
Just think what's going to be further… 🤔
One interesting thing I picked up quickly was the views number. They are all suspiciously similar. I suspect they are fake. Not the most important information or takeaway from this but thought I'd point this out as another pin in the list of dodgy things you can pick up from just looking at the sites.
The name reminds me of Babadook, spooky, haha
12:35 that text right there is based
Mr. John
Sinister folks
Quite the predicament to end up in. Do you pay with whatever good faith you can scrounge together for this extortion? Do you ignore it and hope it's not real? Do you assume it's already been leaked and it's a loss loss? None of these outcomes are good
@Hoxton interesting point!
That's true what @Hoxton says and it is effective. Make paying ransom a crime and the gangs have to seek another "business model".
Trivia: For example, in Italy it is even a crime to pay ransom in real kidnappings.
"Don't feel good about this" - while uploading this to youtube for all to see.
Too early
Just by reading their text I can tell that someone Russian wrote it lmao
Is there any way to decrypt RSA SALSA20 encrypted files?
yes, with the key.
600,000+ views is disturbing
There's a lot of fake view counters on these sites.
5:36, got it, they threaten stochastic cyber attacks under ransom.
Pronounce like BabUk with hard U. Russian transcription = Бабук.
babuk! I haven't been able to ask anyone 😂😂
Crimes have different severity associated. I do think it's respectable and seen as less "evil" if they don't do it to hospitals or non-profit institutions. I understand why you smirked and frowned upon these supposedly "ethical" boundaries, but give it a second thought, it's not about them thinking that it's "alright to do it to big companies", it's them thinking that it's worse if they do it to those who're helping society in a more direct way.
Sounds like ransom for me 😂😂😂
It's always nicer when someone who is stabbing you out of nowhere tells you: "Good day, do you want to buy this bandage for me? You are welcome" :)
By the way it did say "penetration of the entity Elon Musk" right?
Certainly non kosher
Am I shadow banned here?
😨
LOL everything that even remotely looks like a URL gets your comment *silently* removed.
This is a very shitty practice that makes me want to un-heal their Board of Directors or something like that... 😠
2nd :D
*Shivers*
I do believe we in the community should "audit" groups like Babuk and encrypt their crap. Or fry their gear. I prefer the Fry option.
noice
First :D
fifth :)
3Rd
Here's a business plan. Pwn zoominfo, exfil the website access logs, see who's looking up xyz company that's just been ransomed, grab the perp's IP (these groups are shit so probably bad opsec), blackmail the perps, profit.
I truly hope you are joking.