Skip to Content
Uncategorized

A New Strain of Ransomware Is Hitting Eastern Europe

October 24, 2017

Malware called BadRabbit is bouncing between networks in Russia, Ukraine, Turkey, and Bulgaria, demanding Bitcoin payment in exchange for decryption of files.

Reuters reports that Odessa airport (pictured above) and the metro system in Kiev, both in Ukraine, have been hit by the malware. Russian cybersecurity firm Group-IB says that at least three of the nation’s media organizations have been hit. Security researchers at ESET claim to have spotted instances of the attack in Bulgaria and Turkey. More attacks will no doubt be mentioned on Twitter as they're discovered.

In each case, users are presented with a black-and-red screen of text demanding a payment of 0.05 bitcoin (about $280, for now) in order for their files to be decrypted. A timer claims that the ransom will increase after 40 hours.

The BadRabbit ransomware appears to spread via a fake Adobe Flash Player installer, according to researchers at security firm Proofpoint, seemingly using a Windows flaw known as EternalBlue that was identified by and leaked from the NSA and has now been used in several malware attacks. Once on a computer, says a staff member of the security firm McAfee, BadRabbit can encrypt a bunch of common file types, including Microsoft Office documents and image files.

Sound familiar? Well, the attack carries many echoes of recent ransomware schemes, such as NotPetya and WannaCry. So far, though, opinion is divided over whether BadRabbit is connected to previous attacks: ESET says it may be a variant of not NotPetya, while Kaspersky says it can’t say with certainty.

One thing is for sure: like other recent malware attacks, it’s causing chaos for those who are hit. We’ll have to wait and see just how big the attack becomes.

Deep Dive

Uncategorized

Embracing CX in the metaverse

More than just meeting customers where they are, the metaverse offers opportunities to transform customer experience.

Identity protection is key to metaverse innovation

As immersive experiences in the metaverse become more sophisticated, so does the threat landscape.

The modern enterprise imaging and data value chain

For both patients and providers, intelligent, interoperable, and open workflow solutions will make all the difference.

Scientists have created synthetic mouse embryos with developed brains

The stem-cell-derived embryos could shed new light on the earliest stages of human pregnancy.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.