News Categories

New ransomware called Bad Rabbit is hopping around Europe

By Nickey Ross - on 25 Oct 2017, 12:30pm

New ransomware called Bad Rabbit is hopping around Europe

Image source: Kaspersky.

A new ransomware that shares similarities with NotPetya has been making the rounds  in Europe recently. The ransomware, known as Bad Rabbit, surfaced in Ukraine and Russia while also appearing to affect Germany as well as Turkey. 

The earlier targets were Ukraine's Ministry of Infrastructure and the public transportation system of Kiev. Interfax, a Russian news agency was also hacked, although it is now working on restoring its systems. Kaspersky states that another Russian news service was also affected, and touched on the pattern of media outlets being targeted in its initial analysis. However, it is unable to verify that the ransomware is indeed linked to NotPetya. ESET on the other hand, says that that Bad Rabbit appears to be a variant of the Petya ransomware.

Unlucky computers that were infected with the malware would bring users to a .onion Tor domain, where they would have to fork out 0.05 Bitcoin (~ RM1,175) in order to get their data back. There will also be a countdown that shows the amount of time left until the ransom increases. As part of the infection process, Bad Rabbit needs a victim to download and execute a fake Adobe Flash installer file. Luckily, security researchers have created a kind of early vaccine against Bad Rabbit that should prevent systems from infection. Interestingly enough, the malware also references Daenerys Targaryen's dragons and Grey Worm from Game of Thrones as well.

Image source: Twitter

Source: TechCrunch, Engadget.