Buhti Ransomware Operation Repurposes Leaked Encryptors
Threat Level – Red | Vulnerability Report
Download PDFBuhti ransomware, linked to Blacktail threat actors, employs leaked code of LockBit and Babuk variants. By exploiting vulnerabilities like PaperCut NG, they exfiltrate data and distribute ransomware. The addition of a custom Golang exfiltration tool heightens the evolving threat.
What’s new on HivePro
Get through updates and upcoming events, and more directly in your inbox