After a generalized ransomware attack dubbed NotPetya affected Russia and some parts of Europe earlier this summer, a new version of the code called Bad Rabbit took hostage thousands of computer systems and put on halt critical infrastructure mostly in Russian and Ukraine.
NotPetya authors are believed to be behind a new ransomware attack called ‘Bad Rabbit.’ The new malware strain has infected thousands of machines in Ukraine, Russia, Turkey, Germany, and Bulgaria, Kaspersky and ESET reported.
However, even though Bad Rabbit is not as bad as NotPetya outbreak, it has managed to infect the digital systems of several Russia-based news outlets like Interfax, the Ukrainian airport in Odessa and the subway systems in Kiev. The malware shut down part of the said systems and the subway credit-card payment network, the Ukrainian government said.
ESET researcher Robert Lipovsky noted that Bad Rabbit is more aggressive than NotPetya since it has managed to infect critical infrastructure in a short period of time. Cyber security experts believe the latest attack was “well-coordinated”.
NotPetya Authors Behind the Latest Attack
Kaspersky investigators found that the new attack is the work of the hackers who launched NotPetya in June. The outbreak started when Bahmut.com.ua, a major Ukrainian news website, was infected with the ransomware, along with dozen more sites.
Kaspersky reported that 30 of those corrupted websites are used as hubs to distribute the new malware – Bad Rabbit.
“This indicates that the actors behind ExPetr/NotPetya have been carefully planning the BadRabbit attack since July,”
the head of Kaspersky’s global research and analysis team Costin Raiu told reporters.
The cybersecurity firm said only 200 of its customers have been infected with Bad Rabbit so far. But dozens of the infected systems belong to the Ukrainian government. The most compromised systems are in the private sector, though. ESET said 12% of infected computers are located in Ukraine, with 65% being in Russia.
Image Source: Wikimedia