Bad rabbit - ransomvar paralyzes train stations, airport and media in Russia and europe

An advanced cyberattack has hit media outlets and infrastructure in Russia, Ukraine and Eastern Europe, causing mass disruption
Cybersecurity researchers from Kaspersky described the malware, dubbed Bad Rabbit, in a blogpost on Tuesday, October 24. They explained how the previously unknown malware takes control of computer systems and encrypts data so that people can’t access it.
A ransom is then demanded in order to unlock the computers.
Security researchers are comparing the Bad Rabbit ransomware to WannaCry, which disabled 300,000 computers earlier this year.
“Currently, it’s unclear as to whether or Bad Rabbit will be able to reap the same damage as WannaCry, but undoubtedly businesses will be holding their breath,” Jamie Graves, CEO of security firm ZoneFox, said in an email to Newsweek. “This highlights the need for a robust security posture, based on both technology and education.”
Victims of the Bad Rabbit ransomware include the Kiev Metro and Odessa International Airport in Ukraine, as well as Russian news agency Interfax and other media organisations.
Bad Rabbit Ransomware: How does it work?
Bad Rabbit works by holding the infected computers and networks to ransom before spreading in a “worm-like fashion” to other computers.
The Kaspersky researchers describe the method of initial distribution as “drive-by attacks” that make use of a fake Adobe Flash installer that requires victims to click on it to execute the ransomware.
Once infected, a ransom message appears on the device that states: “Oops! Your files have been encrypted. You might have been looking for a way to recover your files. Don’t waste your time. No one will be able to recover them without our decryption service.”
A link to a website hosted on the dark web is provided in order to make payment for a decryption password that the attackers claim will unlock the data.
“We’ve detected a number of compromised websites, all of which were news or media websites,” the researchers said in their blogpost.
The Bad Rabbit ransomware spreads between computers and networks in a "worm-like fashion.
The researchers also noted that the cybercriminals behind Bad Rabbit appear to be fans of the popular book and TV series Game of Thrones. Code used in the malware contains the names of different characters from the series.
Bad Rabbit Ransomware: How do I protect myself?
Advice from security professionals is to keep computers updated with the latest security software and avoid suspicious links. If your computer is already infected, the advice is to not pay the ransom.
“Best practice advice is not to pay the ransom and ensure that data is backed up so systems can be recovered if impacted,” says Andrew Clarke, a director at cybersecurity firm One Identity.
“Also [my advice is] to ensure systems are patched and up to date, as well as control administrative access across a network.”

Comments

Post a Comment

Popular Hacking news

send whatsapp messages can be deleted, but they don't really go away

Image
Encrypted messaging platform WhatsApp recently added the ability to delete sent messages, but the team at Android Jefe (article is in Spanish) has discovered that they don't quite disappear completely. A deleted text still exists on the recipient's device in the form of a notification, Android Jefe found, and with the proper software it can be read hours later. As an individual bug it might not sound too concerning, but the Android notification log doesn't exist in a vacuum. If an Android device has already been compromised by malware, the notification log could be a way for anyone to read WhatsApp messages, deleted or not, and that's a huge security problem for an app that prides itself on being private and secure. Android notifications and you Every time a notification comes to an Android device it gets stored in a log that records everything from that Android session (it clears on reboot). If you can access the notification log you can see a list of every
Read more

Bill Gates tells me how he hacked his school's computer to meet girls

Image
B ill Gates needs no introduction whatsoever. After all, he co-found Microsoft and is currently the richest person in the world. In 2000, he also launched the Bill and Melinda Gates Foundation that has donated more than $34 billion to the projects aimed at social welfare.  Gates used his first computer at a private school in Seattle. There, he wrote his first computer program aged just 13. It was the same Lakeside School where Gates met Paul Allen and became friends over a shared love of computers. Apart from being enthusiastic about computers, they used to hack into computers from time to time. You must have heard the famous story that tells how Gates hacked into his school computer to meet girls. In a recent interview with BBC, Bill Gates sheds more light over this story and tells how he enrolled himself into the classes where he was the only boy. He and fellow Microsoft co-founder Paul Allen hacked and make changes into school’s scheduling software to up Gates’ chances of
Read more