The Bad Rabbit ransomware is spreading across Europe not long after the WannaCry and NotPetya outbreaks. But Bad Rabbit is a “targeted attack” with widespread implications.
A new cyber attack is affecting numerous computer systems around Europe. The new strain of ransomware known as “Bad Rabbit” is believed to be behind all of the trouble. Bad Rabbit has spread to Russia, Ukraine, Turkey, and Germany. Cybersecurity firm Kaspersky Lab, which is monitoring the malware, has compared it to the WannaCry and Petya attacks that caused so much chaos earlier in the year.
According to the Kaspersky Lab, the majority of victims are located in Russia, and the ransomware appears to have infected devices through the hacked websites of Russian media organizations. Interfax and Fontanka in Russia have both been hit by a cyber attack, as have Odessa Airport and the Kiev Metro in Ukraine.
“Based on our investigation, this is a targeted attack against corporate networks, using methods similar to those used in the ExPetr attack,” Kaspersky Lab has said. “However, we cannot confirm it is related to ExPetr.” According to Secure Lst, ExPetr is a wiper, not ransomware. “The dangerous aspect is the fact that it was able to infect many institutions which constitute critical infrastructure in such a short timeframe,” says Robert Lipovsky, a malware researcher at ESET, “which indicates a well-coordinated attack.”
Kaspersky also found strong evidence tying the new attack to the creators of NotPetya. After the June NotPetya outbreak, the company’s analysts found that one Ukrainian news site, Bahmut.com.ua, had been hacked to deliver the malware, along with dozens of other sites that were similarly corrupted—but hadn’t yet been activated to start infecting victims. Now Kaspersky has found that 30 of those hacked sites began to distribute the BadRabbit malware on Tuesday. –Wired
“This indicates that the actors behind ExPetr/NotPetya have been carefully planning the BadRabbit attack since July,” writes Costin Raiu, the director of Kaspersky’s global research and analysis team, in a note to Wired.
The cyber criminals behind Bad Rabbit are locking computers down and demanding 0.05 Bitcoin (roughly $277 at the time of this article’s construction) from victims, in exchange for the restoration of their devices. However, security experts always advise people against paying the ransom. This is because it encourages more attacks, and there’s no guarantee the attackers will actually honor their word and remove the malware from your device once you’ve paid the fee.
According to the Bad Rabbit ransom screen, the demanded fee will rise in the near future too.  NotPetya took down a number of Ukrainian government agencies and businesses in June, before spreading rapidly through corporate networks of multinationals with operations or suppliers in eastern Europe. According to Wire, Bad Rabbit is linked to NotPetya.
I wonder if it will come to the USA and if so, will it affect just PC’s, or can it seize apple computers as well?
I had a similar hack on my pc in US a few years ago. They wanted $400, I did not pay it. A computer friend could not save anything, all was lost including the computer. Back up all files, all we can do and let them rot where they will be heading.
Advice to all – learn to use at least one Linux-based system. Set up to be able to open/edit any file you now have that you wish to keep post-internet collapse. Video, documents, pictures…. What is coming is severe. NO antivirus will stop this. NO anti-mal/spyware will stop this. Keep your network in-house isolated from one station to the next. Know how to pull/disconnect as quickly as possible from any outside networking (i.e. the internet/bluetooth/cell WiFi). Just warning ya’ll. I’ve dealt with ransomeware in the past. Once infected – you lose. Forget some pay-off notion. Ain’t going to save a damned thing.
I’ve gotten ransomware messages and it is unnerving. Fortunately, the messages were a con and no damage.
Off topic – but,
Are they stopping all travel from there? NOPE.
“Black death warning in NINE countries – including Brit holiday hotspots – amid fears PLAGUE could spread on flights from Madagascar”
go to this site to see a map of the 9 countries
ht tps://www.thesun.co.uk/news/4765804/black-death-warning-in-nine-countries-including-brit-holiday-hotspots-amid-fears-plague-could-spread-on-flights-from-madagascar/
TARGETED ATTACK ??? So much for the theory that shooting down into a crowd from an elevated requires “special skills”:
http://www.rifleshootermag.com/network-topics/tips-tactics-network/hitting-a-high-or-low-angle-shot/?utm_source=facebook&utm_medium=social&utm_campaign=editorial&utm_term=rifleshooter&utm_content=shootingtips
🙂
“According to the Kaspersky Lab, the majority of victims are located in Russia…”
What a coincidence! Kaspersky is headquartered in Russia.
BTW, none of these things bother me. If anything ever happens to my online computer, I can fix it myself, or I can wipe it and reinstall everything from backups.
Everyone should have two computers, one for online use and one for everything else.
Those Waskley Wabbits. Where is Elmer Fud when you need him!!!!!
Bad Bunny! Bad, Bad, Bad! Who fricken cares? Next week it’ll be the Roadrunner or Wiley Coyote.
Bitcoin the tool of criminals the West should regulated it.
haha you will start seeing this soon.
I notice there is a no free speech agenda building for anti government types or anyone who questions authority. Everything you say or type is stored by the spy state, so no free speech allowed anywhere, smart tv and smart appliances that categorize your threat level. The Internet is only for buying and selling so they think. Not a platform for uncensored content as is in the works to shut down. Porn ok, free speech not ok.
Could be worse. Instead of “Bad Rabbit” it could be “Bad Robot” ransomware.