Hackers Threaten to Leak D.C. Police Informants’ Info If Ransom Is Not Paid

The Metropolitan Police Department (MPD) of the District of Columbia has become the latest high-profile government agency to fall victim to a ransomware attack.

The Babuk Locker gang claimed in a post on the dark web that they had compromised the DC Police’s networks and stolen 250 GB of unencrypted files. Screenshots shared by the group, and seen by The Hacker News, include various folders containing what appear to be investigation reports, arrests, disciplinary actions, and other intelligence briefings.

Also called the DC Police, the MPD is the primary law enforcement agency for the District of Columbia in the U.S.

The ransomware gang has given the department three days to heed their ransom demand or risk the leak of sensitive files that could expose police informants to criminal gangs.

“Hello! Even an institution such as DC can be threatened, we have downloaded a sufficient amount of information from your internal networks, and we advise you to contact us as soon as possible, to prevent leakage, if no response is received within 3 days, we will start to contact gangs in order to drain the informants, we will continue to attack the state sector of the usa, fbi csa, we find 0 day before you, even larger attacks await you soon,” the ransomware group said on their data leak site.

Babuk Locker is a relative newcomer in the ransomware landscape, with the group targeting transportation, healthcare, plastic, electronics, and agricultural sectors across the U.S., U.K., U.A.E., China, India, South Africa, Spain, Germany, and Italy at least since the beginning of 2021. The syndicate is also known for attacking Linux-based systems such as VMware ESXi.

“The Babuk gang highlighted the key problem that all organizations face when confronting threats, and that is speed,” Cymulate CTO Avihai Ben-Yossef said. “The time it takes for known vulnerabilities to get patched on all systems is too long. Defenders that rely on manual security testing methodologies are unable to match the pace of threat actors in finding security gaps and fixing them.”
