Skip to main content

New Bad Rabbit ransomware hitting Eastern Europe

(Image credit: Image Credit: WK1003Mike / Shutterstock )

A new ransomware outbreak has been detected attacking Russia, Ukraine and other countries in Eastern Europe. 

The malware is hitting media companies across the continent, and three have confirmed the attack at the time of writing.

Dubbed Bad Rabbit, the malware has attacked Interfax (a news agency), and a Ukrainian airport in Odessa. Russian security firm Group-IB has also confirmed that this, in fact, is a ransomware. The message victims get, as well as the aesthetic used to present the message, highly resembles NotPetya.

There are still no clues as to who might be behind the attack. What we do know so far is that the attackers are demanding payment of 0.05 bitcoin, currently worth £213.

Commenting on the attack, Amichai Shulman, CTO at Imperva said: "At the end of the day, all Ransomware is basically the same. Hackers via the ransomware malware are making files unavailable to users and as a consequence disrupt the operations. As long as the infection and effect of the Ransomware is constrained to end points, the damage to organizations should be minimal. That is key.”

Security researchers have confirmed (opens in new tab) that Bad Rabbit spread through a fake Adobe Flash Player installer. The malware seems to have been distributed via booby-trapped legitimate sites, “all of which were news or media websites”.

“Some might say – why after WannaCry and NotPetya are systems still unpatched?” Shulman continues. “The issue of patching is irrelevant when looking at a potentially self-replicating malware like Bad Rabbit because in any large network there will be some unpatched devices. By protecting file servers (e.g. deploying File Firewall solutions) rather than focusing on endpoints organizations can minimize the effect of such incident and avoid disruption to business."

Image Credit:  WK1003Mike / Shutterstock 

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.