New malware now dubbed, BadRabbit, was discovered in Eastern Europe and is causing plenty of problems. BadRabbit is moving through networks in Russia, Turkey, and Bulgaria locking down computers and asking for Bitcoin payment to regain access. Ukraine’s Odessa airport was one of the victims of the malware and it caused many flight delays and confusing at the airport. Odessa wasn’t the only city in Ukraine that was affected. Kiev’s metro system was also hit with BadRabbit and experts say attacks have been spotted in Bulgaria and Turkey.
Ransomware works by infecting a target system and encrypting all of its files. The users are shown a screen that shows the hacker’s demands. In this case, the hackers are demanding 0.05 Bitcoin which translates to $280USD. We’re assuming the ransom is per computer, not per system. Generally, the hackers give the victims a set time to pay up or they will increase the demand. BadRabbit is being spread through a fake Adobe Flash Player installer and using a Windows flaw dubbed Eternal Blue.
The U.S. Department of Homeland Security issued a warning on the BadRabbit ransomware, a type of virus that locks up infected computers and asks victims to pay a ransom to restore access. It did not identify any U.S. victims but advised the public to refrain from paying ransoms and report any infections to the Federal Bureau of Investigation through the government’s Internet Crime Complaint Center.
Russian cyber-security firm Kaspersky Lab said BadRabbit appeared to spread through a mechanism similar to June’s destructive NotPetya virus, which took down many Ukrainian government agencies and businesses. It then spread across corporate networks of multinationals with operations or suppliers in eastern Europe.
I’m sure this isn’t the last case of ransomware we’ll see as hackers continue to find ways to crack system security. Now more than ever, it’s important to be aware of what you’re clicking, downloading and what websites you visit.
Last Updated on October 25, 2017.