This article is from the source 'rtcom' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at https://www.rt.com/news/407655-bad-rabbit-cryptoware-attack/
The article has changed 3 times. There is an RSS feed of changes available.
| Version 0 | Version 1 |
|---|---|
| Bad Rabbit cryptoware attack: New virus hits companies in Russia, Turkey, Germany & Ukraine | Bad Rabbit cryptoware attack: New virus hits companies in Russia, Turkey, Germany & Ukraine |
| (35 minutes later) | |
| A new global cyber virus attack began on Tuesday and targeted corporate networks mainly in Russia, cybersecurity company Kaspersky Lab said. A number of companies in Germany, Turkey and Ukraine have been affected on a smaller scale. | A new global cyber virus attack began on Tuesday and targeted corporate networks mainly in Russia, cybersecurity company Kaspersky Lab said. A number of companies in Germany, Turkey and Ukraine have been affected on a smaller scale. |
| “Our observations show that the majority of the attack’s victims are located in Russia. We’re also registering similar attacks in Ukraine, Turkey and Germany, but on a considerably smaller scale. The malware spreads through a number of compromised websites of Russian media outlets,” the company said in its blog. | “Our observations show that the majority of the attack’s victims are located in Russia. We’re also registering similar attacks in Ukraine, Turkey and Germany, but on a considerably smaller scale. The malware spreads through a number of compromised websites of Russian media outlets,” the company said in its blog. |
| The new virus appears to be dubbed ‘BadRabbit,’ according to a dark net page where the details on ransom for the encrypted files were posted. The initial ransom is 0.05 Bitcoin ($300), but the virus features a timer and promises to raise the price if the ransom is not paid in time. | The new virus appears to be dubbed ‘BadRabbit,’ according to a dark net page where the details on ransom for the encrypted files were posted. The initial ransom is 0.05 Bitcoin ($300), but the virus features a timer and promises to raise the price if the ransom is not paid in time. |
| The attacks were reported by the Interfax news agency and Fontanka.ru news outlet, as well as by the subway system in the Ukrainian capital, Kiev, and the airport of Odessa. The new cryptoware appears to be deliberately targeting corporate networks, according to Kaspersky Lab. | The attacks were reported by the Interfax news agency and Fontanka.ru news outlet, as well as by the subway system in the Ukrainian capital, Kiev, and the airport of Odessa. The new cryptoware appears to be deliberately targeting corporate networks, according to Kaspersky Lab. |
| READ MORE: N. Korea stole cyber tools from NSA, carried out WannaCry ransomware attack – Microsoft chief | READ MORE: N. Korea stole cyber tools from NSA, carried out WannaCry ransomware attack – Microsoft chief |
| “Algorithms similar to the ExPetr attack are being used, but we cannot confirm links to ExPetr. We’re still studying the situation,” Kaspersky Lab stated, referring to a major cryptoware attack which hit a number of companies in Russia and Ukraine back in June. | “Algorithms similar to the ExPetr attack are being used, but we cannot confirm links to ExPetr. We’re still studying the situation,” Kaspersky Lab stated, referring to a major cryptoware attack which hit a number of companies in Russia and Ukraine back in June. |
| Kaspersky Lab advised those who do not use anti-virus products to restrict execution of certain files (C:\Windows\infpub.dat, C:\Windows\cscc.dat) and shut down the Windows Management Instrumentation (WMI) service. | Kaspersky Lab advised those who do not use anti-virus products to restrict execution of certain files (C:\Windows\infpub.dat, C:\Windows\cscc.dat) and shut down the Windows Management Instrumentation (WMI) service. |
| “In 2017 two major cryptoware epidemics have been registered – we’re talking about the notorious WannaCry and ExPetr (also known as Petya and NotPetya), and now the third one appears to begin,” Kaspersky Lab said. | |
| The WannaCry attack occurred in May and affected up to 300,000 people in more than 150 countries, infecting a number of major companies and institutions, such as the UK’s National Health Service (NHS) and Spanish telecommunications firm Telefonica. | |
| The source of the attack remained undetermined, but earlier this month the head of Microsoft, Brad Smith, pinned the blame for it on North Korea, which allegedly used cyber tools or weapons that were stolen from the National Security Agency in the United States. The top executive, however, did not provide evidence to back his claims. | |
| The Petya family ransomware attack followed WannaCry in June, affecting government and private networks and metro systems in Ukraine. A number of companies were also affected worldwide. |