Washington D.C.'s Metropolitan Police Department (MPD) admits to being the target of the latest ransomware attack after screenshots of sensitive data were leaked online.
The latest ransomware attack marks the 26th time a government agency has been hacked this year, and the third time for the police force in six weeks.
D.C. Police Department's Servers Compromised
The MPD finds itself in the crosshairs after a ransomware attack threatened to leak confidential information to the public.
According to the New York Times' report on Tuesday, Apr. 27, a ransomware gang called Babuk claimed responsibility for the attack and leaked screenshots of the stolen data for proof.
The leaked screenshots contained files related to operations, recorded gang members and "crew" operating in the D.C. area, and disciplinary records.
The gang puts one of the stolen files in the spotlight, which points to the arrests made after the Capital Building protests on Jan. 6.
Babuk also claimed to have obtained 250GB worth of unencrypted files and threatened to release them to the public if the police force fails to meet their demand in three days, including names of police informants to criminal gangs.
The ransomware group added that they would continue to attack "the state sector," including the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation (FBI).
The MPD released a statement confirming the cyberattack and said that the FBI is investigating the matter.
The report comes after a series of ransomware attacks had been targeting prominent corporations as of late.
Just a week ago, Apple was hit with a $50 million ransom after a hacker group obtained confidential schematics from one of the tech giant's manufacturers.
In this photo illustration a young man types on an illuminated computer keyboard typically favored by computer coders on January 25, 2021 in Berlin, Germany. In this photo illustration a young man types on an illuminated computer keyboard typically favored by computer coders on January 25, 2021 in Berlin, Germany.
Also Read: Ransomware Gang REvil Attacks PC Giant Acer and Demands $50 Million
Babuk Locker: The Newest Ransomware Operation of 2021
Babuk was first known to the public when BleepingComputer reported their existence on Jan. 5, where they explained how their ransomware attacks its victims.
According to their report, each Babuk Locker ransomware was customized to specific targets and contains a ransom note, hardcoded extension, and a Tor victim URL.
Chuong Dong, the security researcher who analyzed the ransomware, said that it includes secure encryption that prevents victims from recovering their lost data.
One of the most prominent victims of the Babuk ransomware is NBA's Houston Rockets, after 500GB worth of contracts and other important documents were stolen from them.
However, the ransomware gang's notoriety was downplayed on Apr. 14 after the cybersecurity firm Emsisoft discovered severe bugs decryptor in the ransomware.
"One of the bugs within the actual Babuk ransomware on ESXi is that files can be encrypted multiple times," Emsisoft's statement reads. "Multiple encryption layers are a nuisance, but ultimately just mean that with some manual effort a victim can still decrypt their data by simply decrypting the ransomed data again and again until all encryption layers have been removed."
Related Article: Ransomware Demands Two Bitcoins: Attack Disguises as Security Software Exploiting VPN Weakness, Two Manufacturing Plants Down
This article is owned by Tech Times
Written by Leigh Mercer
