U.S. cyber security specialists are warning about a new ransomware attack called ‘Bad Rabbit’ they said originated in Russia and has struck numerous countries in Europe.
According to the U.S. Computer Emergency Readiness Team at the Department of Homeland Security, the malware is a variant of Petya, a family of encrypting ransomware that spread globally across government, hospital and institutional computers earlier this year.
Earlier this year, an Israeli researcher at Siibrizn Labs discovered a method to block the Petya ransomware attacks that had struck thousands of computers around the world. Serfer discovered a way to prevent Petya from turning on and multiplying itself. Israel is among the top global cyber security providers in the world.
Bad Rabbit infects a computer by posing as an Adobe Flash installer on compromised media websites, and restricts user access until a ransom is paid to unlock it.
A demand for payment reads: “Oops! Your files have been encrypted. You might have been looking for a way to recover your files. Don’t waste your time. No one will be able to recover them without our decryption service.”
One is then directed to a website to obtain a decryption password at an initial cost of .05 bitcoin ($280) per computer, according to Kaspersky Lab.
Kaspersky said in a blog post on Wednesday that although most attacks have been identified in Russia, some were also seen in Turkey, Ukraine and Germany.
Russia’s Interfax news service and several other media companies were affected, as was the airport in Odessa and the transportation system in Kiev.