Mercredi, 19 Décembre 2018
Latest news
Main » The 'Bad Rabbit' Cyberattack Hit Almost 200 Targets In Eastern Europe

The 'Bad Rabbit' Cyberattack Hit Almost 200 Targets In Eastern Europe

25 Octobre 2017

A tweet by Group-IB shows a countdown timer displayed along with the message on-screen. The victim is instructed to send 0.05 bitcoin (about $280) to a specific Bitcoin wallet.

Kaspersky's report also noted the booby-trapped websites "were news or media websites". Two Russian news outlets, Interfax and Fontanka, also had outages. The technical services shall take all measures to restore the work systems. "Since the endpoint is ground-zero for ransomware attacks, what organizations need is the ability to detect and put a stop to malicious behavior as early as possible in the kill chain". One cybersecurity company said the malware had been detected in other countries, including the U.S. "As long as there is money to be made or destruction to be had these threats are going to continue", Cisco's Talos warned.

The security firm found that infections were growing. The attack also affected computers in Ukraine, Turkey, Bulgaria, and Germany, Wired writes, adding that so far the outbreak is far smaller than NotPetya, which spread out from Ukraine to infect government and corporate networks in Russian Federation and and as far as Australia.

"The unsafe aspect is the fact that it was able to infect many institutions which constitute critical infrastructure in such a short timeframe", Robert Lipovsky, a malware researcher from ESET.

Kaspersky's Alex Perekalin writes, "According to our findings, the attack doesn't use exploits". Bad Rabbit, by contrast, reportedly does decrypt the hard drive upon entry of the correct password.

So far there haven't been any attacks seen in the UK.

Kaspersky explains that the ransomware appears to be targeting corporate networks in a manner similar to the Petya ransomware, but it isn't clear at this point whether Bad Rabbit is related to Petya. "However, we can not confirm it is related to ExPetr", the team added. Furthermore, the ransom price would increase if the amount is not paid in a short span of time.

According to the Russian company in computer security, " almost 200 targets have been hit", mainly in Russia but also in Ukraine and, to a lesser extent, in Turkey and in Germany. None of the banks has reported any attacks. Unfortunately, they downloaded the malware itself in the process. The dropper appears as an Adobe Flash installer, meaning targets are essentially infecting themselves.

The previous Petya cyberattack spread via a hacked update from a company called MeDoc.

A new ransomware attack is now spreading across Europe in an outbreak that carries echoes of the WannaCry and Petya attacks that hit scores of PCs earlier in 2017. Anyone who visits these domains will be redirected to the Bad Rabbit network on the Tor dark web. On Tuesday, the security community started tracking a new outbreak of ransomware which has affected hundreds of computers in Russian Federation.

While this kind of outbreak may suggest attackers have exploited a security vulnerability, that is actually not true.

But there was little consensus from experts on the details.

The 'Bad Rabbit' Cyberattack Hit Almost 200 Targets In Eastern Europe