Keypoints:
- Babuk2, operating under the alias Bjorka known for targeting the Indonesian government, has resurfaced in 2025, listing Indonesia among its claimed victims.
- Despite claims of new massive data breaches, evidence suggests Babuk2 primarily recycles data from previous incidents and uses rebranded tactics, including code from LockBit 3.0.
- Babuk2’s strategy appears to focus on leveraging the notoriety of both the original Babuk ransomware and Bjorka’s past activities to instill fear and pressure victims into paying.
What the Indonesian Government and Related Institutions Should Do:
- Investigate the veracity of Babuk2’s claims of data breaches targeting Indonesian government entities and publicly communicate verified findings to build trust and counter misinformation.
- Strengthen the cybersecurity posture of government agencies by reinforcing endpoint security, mandating regular patching, and implementing network segmentation to mitigate risks from known ransomware tactics.
What Indonesian Citizens Should Know and Do:
- Be wary of claims made by threat actors like Bjorka and Babuk2 regarding data breaches, as much of their activity may involve recycled information and exaggerated impact.
- Organizations should prioritize robust data backup and recovery plans, ensuring offline storage, to minimize the potential impact of ransomware attacks, regardless of the threat actor’s actual capabilities.
Read More..
https://www.hendryadrian.com/dark-web-profile-babuk-babuk2/