Ransomware is the malware of the future. There have been more and more cases in the past years and it has become a serious problem that is targeted by all the anti-malware software. There have been plenty of cases, and now it appears that a new ransomware wave is targeting Eastern Europe.
This malware is named Bad Rabbit and it already attacked Interfax, the news agency, and other Russian media outlets.
The letters used, red on a black background, are similar to the style of a previous huge malware wave, NotPetya. In order to get back their files, users have to pay 0.05 bitcoins (around $282) in 40 hours. If victims fail to pay in that period of time, the price goes up.
Who are the victims?
We do not know exactly all the victims, but we do know that most of them are Russian. “According to our data, most of the victims targeted by these attacks are located in Russia. We have also seen similar but fewer attacks in Ukraine, Turkey and Germany. This ransomware infects devices through a number of hacked Russian media websites. Based on our investigation, this has been a targeted attack against corporate networks, using methods similar to those used during the ExPetr[NotPetya] attack. However we cannot confirm it is related to [NotPetya],” declared Vyacheslav Zakorzhevsky from Kaspersky Lab in a statement.
Apparently Bad Rabbit managed to spread through a fake Adobe Flash Player installer. Bad Rabbit also managed to stay unnoticed, since few companies actually detected it. There are plenty of files encrypted by this attack, including .jpg, .doc and .docx. This means that the attacker targeted all sorts of common files that are used by everyone.