Russian Media Outlets Hacked, Ransomware Spreads Throughout Eastern Europe

After the drama caused by WannaCry and NotPetya earlier this year, was there ever any doubt that a fresh ransomware campaign would emerge at some point?

Bad Rabbit's ability to spread across networks may remind some readers of the infamous EternalBlue exploit, which the Shadow Brokers released earlier this year from their exclusive NSA kit and which has been used in multiple ransomware and malware strains. However, Bad Rabbit does not use this particular exploit.

According to Kaspersky Lab, there were nearly 200 targets.

"While Bad Rabbit does have worm capabilities, it spreads using mostly legitimate methods of lateral movement across a Windows network".

Chester Wisniewski, principal research scientist, Sophos, said, "It appears this latest variation, the so-called Bad Rabbit ransomware, is being distributed via a fake Adobe Flash Player installer file." The majority were in the Russian Federation, as well as Ukraine, Turkey and Germany.

However, Steven Malone, Cyber Resilience Expert at Mimecast, says that Bad Rabbit is indeed a variant of NotPetya since both of them use the same SMB flaws to spread laterally once inside a network. The hackers are demanding a ransom of 0.05 Bitcoin, which roughly translates to Rs 18,071.

Barak on Wednesday encouraged companies and agencies to use Cybereason's free RansomFree software, which identifies possible ransomware attacks by baiting the malicious code into revealing itself when it encrypts dummy files.

Though the U.S. and other western countries were not specifically targeted by this campaign, according to cybersecurity and antivirus vendor Avast, Bad Rabbit has now been detected in the USA.

The new ransomware went by the codename "Bad Rabbit" but needed to be analysed further, he added. "CrowdStrike Intelligence can confirm that this website was hosting a malicious JavaScript inject as part of a Strategic Web Compromise (SWC) attack on 24 October 2017".

Game of Thrones fans may be bemused to learn that three routines carried out by the malware are named Drogon, Rhaegal and Viserion, after three dragons in the series. Critical institutions that are essential to everyday life were the targets and were infected in such a short amount of time.

"While core resources Interfax remain inaccessible due to the attacks, we publish news on our Facebook". A new ransomware, BadRabbit, locks up files and demands a ransom, but experts warn victims not to pay it, as they probably won't get access to their data anyway. It's not yet known what happens if targets pay the ransom in an attempt to restore their data.

Looking ahead, Palo Alto says that because the initial attack vector is bogus updates, Bad Rabbit attacks can be prevented simply by getting Adobe Flash updates from the Adobe website.

After infecting one machine in a network - one computer in an office, for example - Bad Rabbit can find any login details stored on the machine which it uses to spread to others, security researchers have claimed. It recommends that all security updates for software are installed.
