BadRabbit Ransomware hits Russia and Ukraine, remedy posted

Several Russian news agencies and additional targets in Ukraine have been hit with cyberattacks. The ransomware responsible for the attacks is based on a new variant of the Petya strain called BadRabbit.

Security firm Group-IB has reported the BadRabbit attack on the Russian Interfax news agency, which is down due to the cyberattack. Interfax has also confirmed the reports of the attack on its Facebook page.

According to the first reports, BadRabbit was spread through a fake Adobe Flash Player update that made its way onto Russian news media sites, and the attacker demanded a ransom of 0.05 bitcoin, which is about $280. Although the ransom note, which was posted on Twitter, was written in English, no English-speaking country has been hit by this attack.

"However, this is the only similarity we can observe between both malware, in all other aspects BadRabbit is a completely new and unique ransomware," Check Point said in a statement.

Separately, Nick Carr, who works in security consulting and incident response at Mandiant, says that BadRabbit drops and executes c:\windows\infpub.dat by ordinal function and is similar to EternalPetya ransomware in many ways.

CrowdStrike believes that "BadRabbit is likely delivered via the website argumentiru[.]com which is a current affairs, news and celebrity gossip website focusing on Russian and near-abroad topics. CrowdStrike Intelligence can confirm that this website was hosting a malicious JavaScript inject as part of a Strategic Web Compromise (SWC) attack on 24 October 2017."

On a more reassuring note, Cybereason researcher Mike Iacovacci has posted a series of steps that will prevent a system from being infected with BadRabbit.

FAQ

Q: What's the difference between malware and ransomware?
A: Malware is software written specifically to harm and infect the host system. Malware includes viruses along with other types of software such as trojan horses, worms, spyware, and adware. Advanced malware such as ransomware is used to commit financial fraud and extort money from computer users.

Q: How many types of ransomware are there?
A: There are two basic types of ransomware in circulation. The most common type today is crypto ransomware, which aims to encrypt personal data and files.

Q: What is anti ransomware?
A: Bitdefender Anti-Ransomware is a free security tool that can protect against existing and emerging ransomware attacks. Ransomware is a category of malicious software designed to block access to your computer and files until you pay a large sum of money.

Q: How does ransomware spread?
A: Ransomware is often spread through phishing emails that contain malicious attachments or through drive-by downloading. Crypto ransomware, a malware variant that encrypts files, is spread through similar methods and has also been spread through social media, such as Web-based instant messaging applications.

Q: Can you remove ransomware?
A: Removing ransomware. Before you can free your hostage PC, you have to eliminate the hostage taker. If you have the simplest kind of ransomware, such as a fake antivirus program or a bogus clean-up tool.