{"id":27258,"date":"2017-10-25T17:22:06","date_gmt":"2017-10-25T22:22:06","guid":{"rendered":"http:\/\/olduvai.ca\/?p=27258"},"modified":"2017-10-25T17:22:06","modified_gmt":"2017-10-25T22:22:06","slug":"bad-rabbit-ransomware-this-is-a-targeted-attack","status":"publish","type":"post","link":"https:\/\/olduvai.ca\/?p=27258","title":{"rendered":"Bad Rabbit Ransomware: \u2018This Is A Targeted Attack\u2019"},"content":{"rendered":"<h3><a href=\"http:\/\/www.shtfplan.com\/headline-news\/bad-rabbit-ransomware-this-is-a-targeted-attack_10252017\">Bad Rabbit Ransomware: \u2018This Is A Targeted Attack\u2019<\/a><\/h3>\n<div>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-50288\" src=\"http:\/\/shtfplan.com\/wp-content\/uploads\/2017\/10\/ransomware-e1508948767501.png\" alt=\"ransomware\" width=\"560\" height=\"333\" \/><\/p>\n<p>The Bad Rabbit ransomware is spreading across\u00a0Europe not long after the WannaCry and NotPetya outbreaks. But Bad Rabbit is a \u201ctargeted attack\u201d with widespread implications.<\/p>\n<p>A new cyber attack is affecting numerous computer systems around Europe. The new\u00a0strain of ransomware known as \u201cBad Rabbit\u201d is believed to be behind\u00a0all of the\u00a0trouble.\u00a0 Bad Rabbit has spread to Russia, Ukraine, Turkey, and Germany. Cybersecurity firm <a href=\"https:\/\/usa.kaspersky.com\/products-services\/acqlp-3up-v3-0?ksid=2f7cf06c-94f2-4780-9a88-6f036289bd70&amp;ksprof_id=35&amp;ksaffcode=1317337&amp;ksdevice=c&amp;CAMPAIGN=GOO8497263&amp;kschadid=223736188214&amp;kschname=google&amp;kpid=Google|606655379|28394209574|223736188214|kwd-97058710|c&amp;gclid=CjwKCAjw7MDPBRAFEiwAppdF9FJBBPhPD8M4cyKhlEHplrFs6QcEG4tfJGE0MPoCKxJQG0WHEOnRPRoCShYQAvD_BwE\" target=\"_blank\" rel=\"noopener\">Kaspersky Lab<\/a>, which is monitoring the malware, has compared it to the\u00a0<a href=\"http:\/\/www.shtfplan.com\/headline-news\/massive-global-cyber-attack-using-nsa-hacking-tools-takes-down-45000-computers-across-74-countries-a-scale-never-seen-before_05122017\" target=\"_blank\" rel=\"noopener\">WannaCry<\/a>\u00a0and\u00a0<a href=\"http:\/\/www.independent.co.uk\/topic\/petya\">Petya<\/a>\u00a0attacks that caused so much chaos earlier in the year.<\/p>\n<p>According to the Kaspersky Lab, the majority of victims are located in Russia, and the ransomware appears to have infected devices through the hacked websites of Russian media organizations. <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2017-10-24\/russian-news-agency-interfax-faces-unprecedented-hacker-attack\" target=\"_blank\" rel=\"noopener\">Interfax<\/a> and<a href=\"http:\/\/www.fontanka.ru\/\" target=\"_blank\" rel=\"noopener\"> Fontanka in Russia<\/a> have both been hit by a cyber attack, as have<a href=\"http:\/\/www.odessa.aero\/en\" target=\"_blank\" rel=\"noopener\"> Odessa Airport<\/a> and the <a href=\"https:\/\/www.visitkievukraine.com\/transport\/metro\/\" target=\"_blank\" rel=\"noopener\">Kiev Metro in Ukraine.<\/a><\/p>\n<p>\u201cBased on our investigation,<strong> this is a targeted attack against corporate networks,<\/strong> <a href=\"https:\/\/securelist.com\/expetrpetyanotpetya-is-a-wiper-not-ransomware\/78902\/\" target=\"_blank\" rel=\"noopener\">using methods similar to those used in the <\/a>ExPetr attack,\u201d Kaspersky Lab has said. \u201cHowever, we cannot confirm it is related to ExPetr.\u201d According to <a href=\"https:\/\/securelist.com\/expetrpetyanotpetya-is-a-wiper-not-ransomware\/78902\/\" target=\"_blank\" rel=\"noopener\"><em>Secure Lst,<\/em><\/a>\u00a0 ExPetr is a wiper, not ransomware.\u00a0\u201cThe dangerous aspect is the fact that it was able to infect many institutions which constitute critical infrastructure in such a short timeframe,\u201d says Robert Lipovsky, a malware researcher at <a href=\"https:\/\/www.welivesecurity.com\/2017\/10\/24\/bad-rabbit-not-petya-back\/\" target=\"_blank\" rel=\"noopener\">ESET,<\/a> \u201cwhich indicates a well-coordinated attack.\u201d<\/p>\n<blockquote>\n<p data-reactid=\"261\">Kaspersky also found strong evidence tying the new attack to the creators of NotPetya. After the June NotPetya outbreak, the company\u2019s analysts found that one Ukrainian news site,\u00a0<span class=\"skimlinks-unlinked\">Bahmut.com.ua<\/span>, had been hacked to deliver the malware, along with dozens of other sites that were similarly corrupted\u2014but hadn\u2019t yet been activated to start infecting victims. Now Kaspersky has found that 30 of those hacked sites began to distribute the BadRabbit malware on Tuesday. \u2013<a href=\"https:\/\/www.wired.com\/story\/badrabbit-ransomware-notpetya-russia-ukraine\/\" target=\"_blank\" rel=\"noopener\"><em>Wired<\/em><\/a><\/p>\n<\/blockquote>\n<p>&#8230;click on the above link to read the rest of the article&#8230;<\/p>\n<p data-reactid=\"262\"><a href=\"https:\/\/www.wired.com\/story\/badrabbit-ransomware-notpetya-russia-ukraine\/\" target=\"_blank\" rel=\"noopener\"><em><\/em><\/a><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Bad Rabbit Ransomware: \u2018This Is A Targeted Attack\u2019 The Bad Rabbit ransomware is spreading across\u00a0Europe not long after the WannaCry and NotPetya outbreaks. But Bad Rabbit is a \u201ctargeted attack\u201d with widespread implications. A new cyber attack is affecting numerous computer systems around Europe. The new\u00a0strain of ransomware known as \u201cBad Rabbit\u201d is believed to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[6],"tags":[16681,4884,16684,6489,16683,15280,6490,16682],"class_list":["post-27258","post","type-post","status-publish","format-standard","hentry","category-liberty","tag-bad-rabbit","tag-cyberwarfare","tag-kaspersky-lab","tag-mac-slavo","tag-notpetya","tag-ransomware","tag-shtfplan-com","tag-wannacry"],"_links":{"self":[{"href":"https:\/\/olduvai.ca\/index.php?rest_route=\/wp\/v2\/posts\/27258","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/olduvai.ca\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/olduvai.ca\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/olduvai.ca\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/olduvai.ca\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=27258"}],"version-history":[{"count":1,"href":"https:\/\/olduvai.ca\/index.php?rest_route=\/wp\/v2\/posts\/27258\/revisions"}],"predecessor-version":[{"id":27259,"href":"https:\/\/olduvai.ca\/index.php?rest_route=\/wp\/v2\/posts\/27258\/revisions\/27259"}],"wp:attachment":[{"href":"https:\/\/olduvai.ca\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=27258"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/olduvai.ca\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=27258"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/olduvai.ca\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=27258"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}