Russian Media Outlets Hacked, Ransomware Spreads Throughout Eastern Europe

After the drama caused by WannaCry and NotPetya earlier this year, was there ever any doubt that a fresh ransomware campaign would emerge at some point?

Bad Rabbit's ability to spread across networks may remind some readers of the infamous EternalBlue exploit, which was released by the Shadow Brokers earlier this year from their exclusive NSA kit and has been used in multiple ransomware and malware strains. However, Bad Rabbit does not use this particular exploit.

According to Kaspersky Lab, there were nearly 200 targets.

"While Bad Rabbit does have worm capabilities, it spreads using mostly legitimate methods of lateral movement across a Windows network".

Chester Wisniewski, principal research scientist, Sophos, said, "It appears this latest variation, the so-called Bad Rabbit ransomware, is being distributed via a fake Adobe Flash Player installer file". The majority were in the Russian Federation, as well as Ukraine, Turkey and Germany.

However, Steven Malone, Cyber Resilience Expert at Mimecast, says that Bad Rabbit is indeed a variant of NotPetya since both of them use the same SMB flaws to spread laterally once inside a network. The hackers are demanding a ransom of 0.05 Bitcoin, which roughly translates to Rs 18,071.

Barak on Wednesday encouraged companies and agencies to use Cybereason's free RansomFree software, which identifies possible ransomware attacks by baiting the malicious code to reveal itself by encrypting dummy files.

Though the U.S. and other western countries were not specifically targeted by this campaign, according to cybersecurity and antivirus vendor Avast, Bad Rabbit has now been detected in the USA.

The new ransomware went by the codename "Bad Rabbit" but needed to be analysed further, he added. "CrowdStrike Intelligence can confirm that this website was hosting a malicious JavaScript inject as part of a Strategic Web Compromise (SWC) attack on 24 October 2017".

Game of Thrones fans may be bemused to learn that three routines carried out by the malware are named Drogon, Rhaegal and Viserion, after three dragons in the series. Critical institutions that are essential to everyday life were the targets and were infected in such a short amount of time.

"While core resources Interfax remain inaccessible due to the attacks, we publish news on our Facebook". A new ransomware, Bad Rabbit, locks up files and demands ransom, but experts warn victims not to pay the ransom as they probably won't get access to data anyway. It's not yet known what happens if targets pay the ransom in an attempt to restore their data.

Looking ahead, Palo Alto says because the initial attack vector is through bogus updates, Bad Rabbit attacks can be prevented by just getting Adobe Flash updates from the Adobe website.

After infecting one machine in a network - one computer in an office, for example - Bad Rabbit can find any login details stored on the machine which it uses to spread to others, security researchers have claimed. It recommends that all security updates for software are installed.
