"Decryptor for Babuk Ransomware Variant Released After Hacker Arrested"
Cisco Talos researchers collaborated with Dutch police to obtain a decryption tool for the Tortilla variant of Babuk ransomware and shared intelligence that resulted in the arrest of the ransomware's operator. Tortilla is a Babuk ransomware variant that appeared in the wild shortly after the original malware's source code was leaked on a hacker forum. The threat actor used ProxyShell exploits on Microsoft Exchange servers to deploy the data-encrypting malware.