New wave of hacker attacks covered from four countries

Bad Rabbit ransomware attacks Russian mass media

The company says most victims are in Russia, and experts think the ransomware infects devices through hacked Russian media websites. Overall the company found nearly 200 targets, according to KSN (Kaspersky Security Network) statistics. The malicious code then uses the legitimate open-source Mimikatz tool to extract file server login credentials from the computer's memory - as the NotPetya ransomware did in June - and uses those credentials, along with some hardcoded password guesses, to worm its way through SMB shares on the network.

US cybersecurity analysts have issued a warning about a new malware attack called Bad Rabbit, which they said originated in the Russian Federation and is spreading globally.

One thing that we can discern so far is the hackers behind the attacks seem to be Game of Thrones fans, as at least four scheduled tasks within the ransomware are named after the popular series (Viserion, Drogon, Rhaegal and GrayWorm).
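A defensive check built on the task names reported above, added here as an example and not taken from the article or any vendor tool: it scans `schtasks /query /fo csv /v` output for tasks whose leaf name starts with one of those names. The sample rows, the host name and the prefix-matching rule are constructed assumptions.

```python
import csv
import io

# Task names as reported in the article. Matching them case-insensitively as
# prefixes of the task's leaf name is an assumption made for this example.
REPORTED_TASK_NAMES = ("viserion", "drogon", "rhaegal", "grayworm")

# Constructed sample of `schtasks /query /fo csv /v` output (columns trimmed).
SAMPLE_CSV = r'''"HostName","TaskName","Status","Task To Run"
"WS-014","\Microsoft\Windows\Defrag\ScheduledDefrag","Ready","%windir%\system32\defrag.exe -c"
"WS-014","\rhaegal","Ready","CONSTRUCTED-PLACEHOLDER"
"HostName","TaskName","Status","Task To Run"
"WS-014","\Drogon","Ready","CONSTRUCTED-PLACEHOLDER"
"WS-014","\Vendor\DragonUpdater","Ready","C:\Program Files\Vendor\update.exe"
"WS-014","\viserion_7","Running","CONSTRUCTED-PLACEHOLDER"
'''


def find_suspect_tasks(csv_text):
    """Return one record per scheduled task whose name matches a reported name."""
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        name = (row.get("TaskName") or "").strip()
        # schtasks can repeat the header row for each task folder; skip it.
        if name == "TaskName":
            continue
        # Compare only the leaf name, so the folder path cannot cause a match.
        leaf = name.rsplit("\\", 1)[-1].lower()
        matched = next((n for n in REPORTED_TASK_NAMES if leaf.startswith(n)), None)
        if matched:
            hits.append({
                "host": row.get("HostName", ""),
                "task": name,
                "indicator": matched,
                "action": row.get("Task To Run", ""),
            })
    return hits


if __name__ == "__main__":
    for hit in find_suspect_tasks(SAMPLE_CSV):
        print("{host}: task {task} matches '{indicator}', runs: {action}".format(**hit))
```

A name match is only a triage lead: the task's action and creation time still need review before a host is treated as infected.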

Later in the day, Russian cyberforensics company Group-IB, which prevents and investigates cybercrimes, recorded cyberattacks using the BadRabbit cryptographic virus on a number of Russian media outlets.

Preliminary analysis indicates the malware is professionally developed and incorporates a variety of advanced measures designed to allow it to rapidly infect large government and corporate networks.

Amit Serper, a malware researcher at Cybereason, said on Twitter that he'd found a way to immunize a computer against Bad Rabbit infection.

BadRabbit may also have spread to Turkey, Bulgaria and beyond, and is a variant of Diskcoder, according to researchers at ESET. Researchers have dubbed the ransomware Bad Rabbit, and initial reports suggest it is similar to the NotPetya outbreak earlier this year. According to ESET, Bad Rabbit was distributed through drive-by download, where JavaScript is injected into a website's HTML body or a JS file.

Once Bad Rabbit infects a computer, it displays a message in orange letters on a black background. The damage was worsened by the fact that the creators of the ransomware didn't fulfill their end of the bargain: users who paid the bitcoin ransom for NotPetya said that they never received a working decryption key for their computers. But security firms and governments have asked victims not to pay the ransom, as there is no guarantee that the data will be decrypted after payment. The NotPetya malware was written in a way that made recovery just about impossible, a trait that has stoked theories that the true objective of the attackers was to wipe data in an act of sabotage, as opposed to generating revenue from ransomware. The ransom price will keep going up the longer a victim delays paying. Microsoft has provided some useful guidance that network administrators can follow to protect their organizations against Bad Rabbit.
