{
	"id": "38e307c9-94bd-4d69-a627-d87d664a5840",
	"created_at": "2026-04-06T00:16:19.106736Z",
	"updated_at": "2026-04-10T03:21:30.085424Z",
	"deleted_at": null,
	"sha1_hash": "b356b9599c169571ec3bf08325cd94654355b2ad",
	"title": "Babyk Ransomware won't hit charities, unless they support LGBT, BLM",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 2656819,
	"plain_text": "Babyk Ransomware won't hit charities, unless they support LGBT, BLM\r\nBy Lawrence Abrams\r\nPublished: 2021-02-02 · Archived: 2026-04-05 21:11:14 UTC\r\nThe Babyk ransomware operation has launched a new data leak site used to publish victim's stolen data as part of a double\r\nextortion strategy. Included is a list of targets they wont attack with some exclusions that definitely stand out.\r\nIn 2019, the Maze ransomware operation introduced a new double-extortion strategy of stealing unencrypted files and then\r\nthreatening to publicly release them on data leak sites if a ransom is not paid.\r\nSoon after, other ransomware gangs adopted this strategy until it has become a popular method for threat actors to extort\r\ntheir victims.\r\nhttps://www.bleepingcomputer.com/news/security/babyk-ransomware-wont-hit-charities-unless-they-support-lgbt-blm/\r\nPage 1 of 5\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/babyk-ransomware-wont-hit-charities-unless-they-support-lgbt-blm/\r\nPage 2 of 5\n\nVisit Advertiser websiteGO TO PAGE\r\nBabyk launches a data leak site\r\nBabyk ransomware, also known as Babuk, is a new ransomware operation that launched at the beginning of the year and has\r\nbeen targeting enterprise organizations worlwide.\r\nWhen first launched, the ransomware gang was leaking their data in posts on the 'Raid Forums' hacking forum but had stated\r\nthat they planned on launching a dedicated leak site.\r\nEmsisoft security researcher Brett Callow shared a new site recently created by the Babyk Ransomware group where they\r\nare currently listing four victims, and the leaked data for three of them.\r\nLockBit data leak site\r\nIncluded on the data leak site is a list of organizations that they will not encrypt, which includes hospitals, non-profits,\r\nschools, and small businesses.\r\nhttps://www.bleepingcomputer.com/news/security/babyk-ransomware-wont-hit-charities-unless-they-support-lgbt-blm/\r\nPage 3 of 5\n\nOrganizations that won't be attacked\r\nFor each of these categories, the ransomware gangs lists the following exclusions:\r\nWe do not audit next categories of organizations\r\nHospitals: except private plastic surgery clinics, private dental clinics\r\nNon-Profit: Any non-profitable charitable foundation (except the foundations who help LGBT and BLM)\r\nSchools: except the major universities\r\nSmall Business: Companies with annual revenue less than 4 mln$ (info about revenue we take from zoominfo)\r\nBleepingComputer has seen exclusion in the past for healthcare and what ransomware actors call \"socially vital\" services,\r\nsuch as 911, shelters, and nursing homes.\r\nThe exclusions for non-profits is the first time BleepingComputer has seen personal opinions dictate whether a ransomware\r\noperation will encrypt an organization.\r\nWith the release of Babuk's site, there are now a total of ninteeen active ransomware data leak sites used in the double\r\nextortion tactic.\r\nhttps://www.bleepingcomputer.com/news/security/babyk-ransomware-wont-hit-charities-unless-they-support-lgbt-blm/\r\nPage 4 of 5\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/babyk-ransomware-wont-hit-charities-unless-they-support-lgbt-blm/\r\nhttps://www.bleepingcomputer.com/news/security/babyk-ransomware-wont-hit-charities-unless-they-support-lgbt-blm/\r\nPage 5 of 5",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/babyk-ransomware-wont-hit-charities-unless-they-support-lgbt-blm/"
	],
	"report_names": [
		"babyk-ransomware-wont-hit-charities-unless-they-support-lgbt-blm"
	],
	"threat_actors": [],
	"ts_created_at": 1775434579,
	"ts_updated_at": 1775791290,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/b356b9599c169571ec3bf08325cd94654355b2ad.pdf",
		"text": "https://archive.orkl.eu/b356b9599c169571ec3bf08325cd94654355b2ad.txt",
		"img": "https://archive.orkl.eu/b356b9599c169571ec3bf08325cd94654355b2ad.jpg"
	}
}