Remove Babyk Ransomware

The Babyk Ransomware is a file-encryption Trojan whose creators claim to be part of the team responsible for the Babuk Locker Ransomware. However, there is not yet enough information to determine whether the two gangs are related or if Babyk Ransomware's creators are trying to piggyback on Babuk Locker's popularity. Another recent variant of the Babuk family is the PayloadBIN Ransomware.

Regardless of whether they are saying or truth, there is no denying that the Babyk Ransomware is a dangerous threat. It has the ability to encrypt a large portion of files on the victim's machine. In addition to this, it will delete Shadow Volume Copies to make data recovery even more difficult. Last but not least, it renames the files it locks by using the '.babyk' extension, and then drops the 'How To Restore Your Files.txt' ransom message.

Babyk Ransomware Operators Ask for 0.006 Bitcoin

The ransom note says that victims will need to pay 0.006 Bitcoin to receive a decryptor. The email that the criminals use to confirm payments and answer questions is babuckransom@tutanota.com. Allegedly, victims who pay will receive a 'decryptor.exe' file, which will guide them through the data recovery process.

While this might sound a very simple solution, we assure you that paying the ransom fee is a bad idea. 0.006 Bitcoin cost about $200 at the time of writing. However, do not forget that once you send the money, it will be impossible to reverse the transaction. This means that there is nothing to stop the hackers from extorting you for more money, or ignoring your messages. Trusting ransomware operators is never a good idea – the risk of getting scammed is too high.

Victims of the Babyk Ransomware need to try out alternative file recovery options. Their top priority should be to remove the malicious application by running an up-to-date anti-malware tool. After this, they can start recovering files from a backup or experiment with other data recovery tools.