February 19, 2018

BadRabbit ransomware is crippling countries in Eastern Europe

25 October 2017, 10:16 | Benedicto Grullon



The Department of Homeland Security released an alert late Tuesday evening about reports of a new ransomware spreading across several countries called Bad Rabbit.

Kaspersky Lab said: "We have been proactively detecting the original vector attack since it began on the morning of October 24. Overall, there are nearly 200 targets, according to the KSN statistics".

"ESET's telemetry has detected hundreds of occurrences of Diskcoder.D", it reported, adding: "Most of the detections are in Russian Federation and Ukraine, however, there are also reports that computers in Turkey, Bulgaria and other countries are affected".

ESET, a Slovakian cybersecurity company, said that initial analysis suggested the malware was "Diskcoder.D" - otherwise known as "Petya".

Once a computer is infected, the crooks behind Bad Rabbit lock down the machine and demand 0.05 Bitcoin (about $275) from victims within 41 hours in exchange for decrypting the data and restoring access.

PCS' first Global Cyber service loss estimate for the Equifax hack attack put the insurance market impact at $125 million; however, the firm said that the economic impact to the credit giant is expected to be much larger. Experts reportedly are warning victims not to pay the ransom.

Bad Rabbit ransomware is a modified version of the NotPetya malware, the outbreak of which was recorded in July. This has again led Kaspersky to believe that the same group that developed Petya is also behind Bad Rabbit.

"According to our data, most of the victims targeted by these attacks are located in Russian Federation". Serper, who works at Cybereason, explains that all you need to do is create two files (c:\windows\infpub.dat and c:\windows\cscc.dat) and remove all permissions from them.

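The two-file step Serper describes, written out in PowerShell as an added example (it is not from this article, Cybereason or Serper). It assumes an elevated session on a host that is not already infected; the function name `Set-EmptyAcl` and the check for a pre-existing non-empty file are this example's own.

```powershell
#Requires -RunAsAdministrator
# Added example: pre-create the two files named in the article and strip
# every permission from them, then report the resulting state.
$targets = 'C:\Windows\infpub.dat', 'C:\Windows\cscc.dat'   # paths from the article

function Set-EmptyAcl {
    param([Parameter(Mandatory)][string]$Path)
    $acl = Get-Acl -LiteralPath $Path
    # Block inheritance and discard inherited entries instead of copying them.
    $acl.SetAccessRuleProtection($true, $false)
    # Remove any explicit entries that remain.
    foreach ($rule in @($acl.Access)) { [void]$acl.RemoveAccessRule($rule) }
    Set-Acl -LiteralPath $Path -AclObject $acl
}

foreach ($path in $targets) {
    $existing = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue
    if ($existing -and $existing.Length -gt 0) {
        # A non-empty file at this path was not created by this script:
        # leave it untouched so it can be investigated.
        Write-Warning "$path already exists ($($existing.Length) bytes); not modified."
        continue
    }
    if (-not $existing) { New-Item -ItemType File -Path $path | Out-Null }
    Set-EmptyAcl -Path $path

    # Verify: a locked file has no access rules left.
    $remaining = @((Get-Acl -LiteralPath $path).Access).Count
    [pscustomobject]@{
        Path                 = $path
        RemainingAccessRules = $remaining
        Locked               = ($remaining -eq 0)
    }
}
```

A warning for a file that already exists with content means the host should be triaged rather than modified.
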
The malware also appears to be using an encryption scheme that prevented analysts from deciphering the malicious code. Lorenzo Franceschi-Bicchierai reporting in Motherboard: "Once [the malware] infects a computer, Bad Rabbit displays a message in red letters on a black background, an aesthetic used in the massive NotPetya ransomware outbreak". WannaCry set the bar for how devastating ransomware can be; Bad Rabbit won't be the last iteration of malware to try and emulate its "success".

According to Wisniewski, partners can play a key role in helping customers during such ransomware attacks.

The Bad Rabbit ransomware spreads between computers and networks in a "worm-like fashion". BadRabbit is being spread through a fake Adobe Flash Player installer and using a Windows flaw dubbed Eternal Blue. "Even more, they continue to rely on the legacy AV products which these types of malware evade so easily", Rowan adds. If any employee has the ability to download and install software, then they will have the ability to install Bad Rabbit on your network.
