New 'BadRabbit' Ransomware Spreads Across Europe and Russia
A new ransomware is now wreaking havoc in computer networks across Russia, Ukraine, and nearby European countries. The new attack, called "BadRabbit," has already disrupted corporate networks and key facilities like airports, media outlets and public transport systems.
The new BadRabbit ransomware, like the earlier WannaCry and Petya attacks that got into computer networks around the globe, encrypts a computer that it has infected before demanding ransom in the form of bitcoins.
The ransomware demands 0.05 Bitcoins, worth about US$285 as of this time, claiming that the victims will get a password to decrypt the data in the computer. To add pressure to the ransom demand, BadRabbit also shows a timer that expires within 41 hours, according to The Verge.
Get Our Latest News for FREE
If this timer reaches zero, the ransom is then increased. Corporate networks in Russia and Eastern Europe has fallen prey to this new attack, with the malware managing to make its way inside the networks of Russian media outlets, the Kiev Metro public transport system, and even the Odessa International Airport in Ukraine.
The infection has already made its way to Turkey, Bulgaria and Germany, as mapped out by cybersecurity companies including ESET and Kaspersky. While the outbreak is still not that widespread compared to the earlier NotPetya attack, the nature of the targets that BadRabbit has infected is a cause for great concern.
"The dangerous aspect is the fact that it was able to infect many institutions which constitute critical infrastructure in such a short timeframe," Robert Lipovsky, a malware researcher at ESET, explained.
Antivirus and anti-malware company Kaspersky found evidence that links BadRabbit to the creators of NotPetya. The two ransomware attacks used more or less the same group of websites.
Costin Raiu, director of Kaspersky's research team that monitors in this case, notes how the new malware seems like a refined version of NotPetya. "This indicates that the actors behind ExPetr/NotPetya have been carefully planning the BadRabbit attack since July," Raiu noted, as quoted by Wired.
