New wave of hacker attacks covered from four countries

Bad Rabbit ransom note (Image: Kaspersky Lab)

The company says most victims are in Russia, and experts think the ransomware infected devices through hacked Russian media websites. Overall, the company found nearly 200 targets, according to KSN (Kaspersky Security Network) statistics. The malicious code then uses the legitimate open-source Mimikatz tool to extract file server login credentials from the computer's memory, as the NotPetya ransomware did in June, and uses those details, along with some hardcoded password guesses, to worm its way through SMB shares on the network.

US cybersecurity analysts have issued a warning about a new malware attack called Bad Rabbit, which they said originated in the Russian Federation and is spreading globally.

One thing that we can discern so far is that the hackers behind the attacks seem to be Game of Thrones fans, as at least four scheduled tasks within the ransomware are named after the popular series (Viserion, Drogon, Rhaegal and GrayWorm).

Later in the day, Russian cyberforensics company Group-IB, which prevents and investigates cybercrimes, recorded cyberattacks using the BadRabbit encryption virus on a number of Russian media outlets.

Preliminary analysis indicates the malware is professionally developed and incorporates a variety of advanced measures designed to allow it to rapidly infect large government and corporate networks.

Amit Serper, a malware researcher at Cybereason, said on Twitter that he'd found a way to immunize a computer against Bad Rabbit infection.

BadRabbit may also have spread to Turkey, Bulgaria and beyond, and is a variant of Diskcoder, according to researchers at ESET. Initial reports suggest the ransomware, dubbed Bad Rabbit by researchers, is similar to the NotPetya outbreak earlier this year. According to ESET, Bad Rabbit was distributed through drive-by download, where JavaScript is injected into a website's HTML body or a JS file.

Once Bad Rabbit infects a computer, it displays a message in orange letters on a black background. The damage from NotPetya was worsened by the fact that the creators of the ransomware didn't fulfill their end of the bargain: users who paid the bitcoin ransom for NotPetya said that they never received a working decryption key for their computers. Security firms and governments have asked victims not to pay the ransom, as there is no guarantee that the data will be decrypted after payment. The NotPetya malware was written in a way that made recovery just about impossible, a trait that has stoked theories that the true objective of the attackers was to wipe data in an act of sabotage, as opposed to generating revenue from ransomware. The ransom price will keep going up the longer a victim delays paying. Microsoft has provided some useful guidance that network administrators can follow to protect their organizations against Bad Rabbit.
