New ransomware hits companies in Russia, Europe

The warning advises against paying ransoms and, instead, encourages victims to report infections to the Federal Bureau of Investigation through the government's Internet Crime Complaint Center. According to incoming reports, this ransomware has been spotted in parts of the Russian Federation and Ukraine, as well as countries such as Bulgaria, Turkey, Germany, Poland and South Korea.

The malware is hitting media companies across the continent, and three have confirmed the attack at the time of writing. Two major global attacks earlier this year - NotPetya and WannaCry - caused widespread disruption affecting businesses, government institutions and hospitals.

The ransom payment initially demanded is .05 of a bitcoin, or $280 per computer, Kaspersky Lab said. If the victim fails to make a payment in the allotted time, the price increases.

The malware attacks are disturbing because attackers quickly infected critical infrastructure, including transportation operators, indicating it was a "well-coordinated" campaign, said Robert Lipovsky, a researcher with cyber firm ESET.

"It has been targeting organizations and consumers, mostly in Russian Federation but there have also been reports of victims in Ukraine," the Kaspersky Lab experts said.

According to Kaspersky Lab, there were nearly 200 targets.

Kaspersky explains that the ransomware appears to be targeting corporate networks in a manner similar to the Petya ransomware, but it isn't clear at this point whether Bad Rabbit is related to Petya.

Group-IB also identified similarities between the NotPetya code and that of Bad Rabbit.

So far, Bad Rabbit's geographic spread resembles that of NotPetya, Brenner says.

The Bad Rabbit malware enters enterprise networks when a user on the network runs a phony Adobe Flash Player installer posted on a hacked website.

We haven't tried out Serper's method ourselves, and while we can vouch for his character - he's a well-known and well-respected malware researcher - you'll be doing this at your own risk.

It is believed to be behind the trouble and has spread to Russia, Ukraine, Turkey and Germany.

"In this example the initial vector wasn't a sophisticated supply chain attack." The websites are carefully selected for compromise so that they will have the most direct reach to the ultimate targets with minimal collateral damage.

From Russia, the ransomware spread to Ukraine's Odessa Airport as well as several prominent institutions that were also targeted by the previous NotPetya malware. "We now have no evidence that the EternalBlue exploit is being utilized to spread the infection", Cisco Talos researchers have said.

It's unclear who's behind Bad Rabbit, but the attackers appear to be "Game of Thrones" fans.

Interestingly, Malwarebytes says that Bad Rabbit does not use EternalBlue to spread, while Rowan thinks it does.

Vaccine for Bad Rabbit arrives...

...

That's it, this is how you can secure your Windows PC against the Bad Rabbit ransomware.

Previous viruses mainly spread through a hole in Windows, so the computers attacked were those running this operating system. Affected users are also being asked not to pay ransom to the hackers, as there's no guarantee that the latter would stick to their word.
