After the Babuk ransomware operators have announced that they decided to close the affiliate program and move to data theft extortion, the group seems to have returned to their previous methods of encrypting corporate systems.