'Bad Rabbit' Ransomware Strikes Russia, Ukraine, Turkey, Germany

A new ransomware is spreading across Europe by tricking victims into installing it by pretending to be a software update.

Bad Rabbit infects a number of file types, including the common.doc, .docx., and.jpg. It has also been detected in other countries including the U.S., Germany and Japan. The Computer Emergency Response Team (CERT) has alerted the users about the latest ransomware, which is spreading in parts of Russian Federation and Ukraine, as well as countries such as Bulgaria, Turkey, Germany, Poland and South Korea. However, considering that the ransomware is similar to the one used earlier this year, it'll be better to implement security solutions on your own. The ransom note and payment page demands around $280 in Bitcoin and gives a 40-hour deadline for payments to be made.

Ransomware attacks - malware that encrypts a victim's data and refuses to release it unless they pay a ransom, typically in digital currency bitcoin - have emerged as one of the greatest new business interruption threats. Interfax confirmed on Twitter that it was impacted by the attacks.

Instances of Bad Rabbit have been found in Germany and Turkey, according to Kaspersky.

McAfee asserts the attack originated in Russian Federation and the Ukraine, but reports of infected systems in Germany, Turkey and Bulgaria are now being investigated.

Group-IB believes that attackers who used Bad Rabbit to attack could have been associated with the sale of traffic or had been drawn a group from this sphere into active work.

Experts said there were clear links between the two viruses.

Oakland Raiders vs. Denver Broncos Preview and Prediction
But he was also sacked four times as pass protection broke down under the pressure of Khalil Mack and Mario Edwards . If he is out all five games and the Raiders win three of the five, they will be 5-4 and still in the wild card mix.

Dubbed as Bad Rabbit by researchers, initial reports suggest the ransomware is similar to the NotPetya outbreak earlier this year. "However, we can not confirm it is related to ExPetr".

The Bad Rabbit ransomware spreads through "drive-by attacks" where insecure websites are compromised. "First, it scans internal network for open SMB shares." the ESET analysis reads.

Speaking to SmartCompany, practice manager at Melbourne-based ethical hacking company HackLabs, Michael McKinnon, says Bad Rabbit has all the indications of an "old-school attack", specifically referring to the infection point relying on human interaction and error over standalone system exploits.

A new ransomware attack similar to the damaging NotPetya attack that crippled computer systems in Ukraine last summer began affecting computers in Russian Federation and elsewhere yesterday. The ransomware code contains references to characters from the popular book and TV series like Grey Worm and Daenerys' dragons.

Wisniewski said, "The key is to provide these protections at all layers as many times the threat will mutate and be able to dodge some layers of protection".

TeleBots' obsession with Ukraine came forward in June, when the NotPetya ransomware infected mostly Ukrainian users, between 60% and 70% of all infections.

According to malware researcher James Emery-Callcott, the ransomware campaign is slowly dying down.


Popular

CONNECT