‘Bad Rabbit’ ransomware hits Ukraine, Russia; spreading quickly

Updated On : 26 Oct , 2017 , 02:23 AM
Bad Rabbit ransomware hits Ukraine Russia spreading quickly (File Photo)
Bad Rabbit ransomware hits Ukraine Russia spreading quickly (File Photo)
New Delhi:

A new cyber-attack has hit ‘Bad Rabbit’ has hit Eastern Europe including countries like Russia and Ukraine on Wednesday. To be precise, a Ukrainian international airport and three Russian media outlets have been hit by the new ransomware.

It’s been just four months after the ‘NotPetya’ malware spread from two countries across the world.

The computer virus also appeared to have spread to Turkey and Germany as the day progressed, the cybersecurity experts said adding that its size appeared to be relatively small.

The information system of the Ukraine’s Odessa International Airport stopped functioning in the afternoon, it said on Facebook page.

With elaborating much, the airport said, “All airport services are working in a reinforced security regime.”

Its website showed air traffic going in and out of the Black Sea resort city according to schedule.

One of Ukraine’s biggest news agency, Interfax sent its last dispatch at around 2:13 pm (1113 GMT) before falling silent.

ALSO READ: New malware 'Locky Ransomware' spreading through e-mails, government issues alert

The Fontanka news site in Russia’s second city of Saint Petersburg and a third media outlet “whose name, unfortunately, we cannot reveal at this time” had also gone off line, a cyber security expert told AFP.

“We cannot say what it is at the moment,” Yevgeny Gukov of the Group-IB IT security firm said in Moscow.

The malware appeared to be using an encryption scheme that prevented analysts from deciphering the malicious code, Gukov said.

The new ransomware went by the codename ‘Bad Rabbit’ but needed to be analysed further, he added.

Later, Kaspersky Lab issued a statement that the cyber attack appeared to have originated in Russia before also affected some corporate sites in Turkey and Germany.

“This ransomware infects devices through a number of hacked Russian media websites,” it said in a statement.

“Based on our investigation, this has been a targeted attack against corporate networks, using methods similar to those used during the (NotPetya) attack,” it further added.

The July “NotPetya” attack was a modified version of the “Petya” ransomware that hit last year and demanded money from victims in exchange for the return of their computer data.

(With PTI inputs)

ALSO READ: Nearly 100 sectors join Anti-ransomware initiative as global ransomware attacks increase by 11 per cent

First Published : Thursday, October 26, 2017 01:38 AM
Download the News Nation Mobile App and stay connected with top stories from India and around the world. Available on Android and iOS.