Booba Project — Ransomware Profile
Booba Project (also tracked as "Booba" and, on RansomLook, "Booba Team") is a data-extortion operation that surfaced in June 2026, operating a Tor leak site and negotiating with victims via a ProtonMail address (boobaproject@proton.me). Reporting to date describes a steal-and-leak model — exfiltrating victim data and threatening publication unless a ransom is negotiated — with no public confirmation of file encryption, no named tooling or exploited CVEs, and no vendor cluster attribution. Its first five publicly listed victims span the United States and Spain across food production, telecommunications, IT services, construction and business/entertainment services. There is no evidence that Booba Project is a rebrand of an established ransomware family; it remains an early-stage operation under observation.
Read the full analysis on IntelFusions