Bad Rabbit ransomware attacks Russian mass media
Bad Rabbit ransomware attacked Russian mass media, Odessa Airport and Kiev subway, Ilya Sachkov, Chief Executive Officer of Group-IB company dealing with investigation and prevention of cybercrimes, said on Tuesday, TASS reports.
Group-IB is investigating details of this attack. Interfax news agency, Fontanka Internet mass media and one more Russian Internet-based media were under fire, Sachkov said. "Operations are fully disrupted in some companies - servers and workstations were affected," he said.
Users of infected computers receive a notice that their files are encrypted. The virus suggests making payment on a website to get access to files.
The majority of victims of the new ransomware are in Russia but similar attacks are noted in Ukraine, Turkey and Germany, though at a smaller scale, Kaspersky Lab antivirus solutions provider said.
"The malware is disseminated through infected websites of Russian mass media. All signs indicate that this is a target attack against corporate networks," Kaspersky said.
It is difficult to unambiguously determine the origin, goals, scale and specific features of the virus at present because ransom scheme and requirements are more or less standard, Vice President of InfoWatch Rustem Khairetdinov told TASS.
"The crypto virus is called Bad Rabbit in our case and according to data available with us, this is ransomware but not Wannacry or Petya [viruses]," he said.
The scheme of the new virus resembles earlier ones and similar vulnerabilities can be used to spread it, the top manager noted.