Skip to content
Ransomware group

Booba Project

Booba Project is a ransomware and data-extortion threat actor active by at least 2026.

Profile source: Mallory opens in a new tab

Booba Project

Family profile

Booba Project is a ransomware and data-extortion threat actor active by at least 2026. The group has been publicly associated with intrusions against organizations in the business services sector and has claimed attacks affecting victims in multiple countries, including the United States and Russia. Reported incidents attributed to Booba Project involve ransomware deployment accompanied by theft of victim data, indicating a double-extortion operating model in which encryption and exfiltration are both used to pressure victims.

Observed victimology includes service-oriented and business-focused organizations, with reported compromises affecting facilities services, entertainment-related business services, and other commercial entities. Publicly attributed incidents indicate that the group advertises the volume of stolen data as part of its extortion posture.

High-confidence reporting currently supports identifying Booba Project as a ransomware extortion group, but there is insufficient verified public information in this dataset to attribute it to a specific nation state, establish a broader malware lineage, or confirm formal sub-groups. The primary known alias in current reporting is booba_project, while the most recognizable presentation is Booba Project.

Ransomware.live

Operational record

View group record β†—

Ransomware.live

Recent claims

All published claims β†—

We appreciate you

Derp wouldn't exist without the work these projects do for the security community. We rely on their data sources to improve the quality and depth of what we publish. Thank you, we're genuinely grateful.