27 April 2021

DC Police targeted in Babuk ransomware attack


DC Police targeted in Babuk ransomware attack

The Metropolitan Police Department, also known as the DC Police or MPD, has confirmed it was hit by a cyber attack after a ransomware gang leaked screenshots of some data allegedly stolen from the department.

“We are aware of unauthorized access on our server. While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter,” the MPD said in a statement.

The culprit behind the attack appears to be Babuk Locker, a relatively new Russian-speaking ransomware group. The cybercriminals claim to have stolen more than 250 gigabytes of data belonging to the Metropolitan Police Department, including data on informants that it threatens to share with local criminal gangs unless police paid a ransom.

As proof of the hack, the gang has posted screenshots of some of internal files allegedly stolen from MPD’s server, including those related to operations, disciplinary records, and files related to gang members and 'crews' operating in DC.

The group gave the police officials three days to contact them, or "we will start to contact gangs in order to drain the informants."

The Babuk ransomware is a new ransomware threat discovered in 2021 that to date has impacted at least five big enterprises, including Spanish phone retail chain Phone House and the NBA’s Houston Rockets.

Back to the list

Latest Posts

The story of the four bears: Brief analysis of APT groups linked to the Russian government

The story of the four bears: Brief analysis of APT groups linked to the Russian government

In “The Four Bears” series we will tell you about the APT groups known as Fancy Bear, Cozy Bear, Voodoo Bear, and Berserk Bear.
17 January 2022
Cybersecurity year in review: Most notable APT hacks of 2021

Cybersecurity year in review: Most notable APT hacks of 2021

In 2021 nation-state actors somewhat faded into the background, but they still pose a significant threat.
17 January 2022
Hackers put up for sale data of 2M ONUS customers after the company refused to pay $5 million ransom

Hackers put up for sale data of 2M ONUS customers after the company refused to pay $5 million ransom

The attackers exploited the Log4Shell vulnerability on ONUS’ Cyclos server to plant backdoor and exfiltrate data.
30 December 2021