© naftemporiki.gr According to the BBC, this ransomware, which has been given the name “Bad Rabbit”, has affected major Russian websites, an airport in Ukraine and the metro in Kiev.
An epidemic of a new “ransomware” (malware that prevents the user from accessing his computer files) occurred in Russia, Ukraine and elsewhere.
According to the BBC, this ransomware, which has been given the name “Bad Rabbit”, has affected major Russian websites, an airport in Ukraine and the Kiev subway. The head of the responsible cybercrime agency in Ukraine confirmed to Reuters that the disputed ransomware was Bad Rabbit, which is similar to WannaCry and Petya, similar viruses that caused problems earlier in the year. Chief of the Russian cyber-security company Group-IB, Ilya Sachkov, told the TASS news agency that to some of the businesses that have been hit, everything paralyzed, as they encrypted servers, workstations, and so on. It is noted that, according to the BBC, Interfax and Fontanka.ru were among the websites affected.
According to an analysis by Kaspersky Lab specialists, the “Bad Rabbit” fragmentation algorithm is similar to the one used in the “ExPetr” attack. In addition, as reported in a report, experts have found that both attacks use the same domains, and similarities in the corresponding source codes indicate that the new attack is linked to the creators of ExPetr.
Kaspersky Lab’s research shows that the attackers behind this operation were preparing for it at least since July 2017, creating their network of “infection” into hacked websites, which are mainly media and news sources.
According to the Kaspersky Lab research, Bad Rabbit hit almost 200 targets, located in Russia, Ukraine, Turkey and Germany. All attacks took place on October 24 and no new attacks have been detected since then. Researchers note that since the “infection” became more widespread and security companies began to investigate, the attackers immediately left the malicious code they had added to the infected sites.
Biatssev Zacorjevski, head of Kaspersky Lab’s Anti-Malware research team, commented:
“According to our data, most of the victims of these attacks are in Russia. This ransomware program “infects” the devices through some hacked Russian media websites. Based on our research, this was a targeted attack against corporate networks, using methods similar to those used in the attack “ExPetr”.
Bad Rabbit encrypts the files of a computer and asks for ransom – on the present 0,05 bitcoins, corresponding to $280. Security firm Eset said the malware in question is spreading through a fake update for Adobe Flash.
As the Guardian says, the malware code has an unusual feature: It is spooked with references to pop culture, such as two dragon names from “Game of Thrones”, the name of a character (Gray Worm) and others.
(Συνολικές Επισκέψεις: / Total Visits: 8)
(Σημερινές Επισκέψεις: / Today's Visits: 1)