Business Technology

Tuesday 16 January 2018

Explainer: What is the Bad Rabbit cyber attack that's spreading across the globe?

According to the Bad Rabbit ransom screen, the fee is set to rise / Kaspersky Lab
According to the Bad Rabbit ransom screen, the fee is set to rise / Kaspersky Lab

A new cyber attack is affecting computer systems around Europe.

What is it?

A strain of ransomware known as "Bad Rabbit" is believed to be behind the trouble.

Cyber security firm Kaspersky Lab, which is monitoring the malware, has compared it to the WannaCry and Petya attacks that caused so much chaos earlier this year.

Researcher Kevin Beaumont has posted a screenshot that shows Bad Rabbit creating tasks in Windows named after the dragons Drogon and Rhaegal in TV series Game of Thrones.

What countries have been affected the most?

The malware has affected systems at three Russian websites, an airport in Ukraine and an underground railway in the capital city, Kiev. US officials have also said they had "received multuple reports of Bad Rabbit ransomware in many countries around the world".

How has it spread?

According to Kaspersky Lab, the majority of victims are located in Russia, and the ransomware appears to have infected devices through the hacked websites of Russian media organisations.

Interfax and Fontanka in Russia have both been hit by a cyber attack, as have Odessa Airport and the Kiev Metro in Ukraine.

"Based on our investigation, this is a targeted attack against corporate networks, using methods similar to those used in the ExPetr attack," Kaspersky Lab has said. "However, we cannot confirm it is related to ExPetr."

The malware is still undetected by the majority of anti-virus programs, according to analysis by virus checking site Virus Total.

What is the ransom?

The cyber criminals behind Bad Rabbit are locking computers down and demanding 0.05 Bitcoin (£220) from victims, in exchange for the restoration of their devices.

However, security experts always advise people against paying the ransom. This is because it encourages more attacks, and there's no guarantee the attackers will actually honour their word and remove the malware from your device. 

According to the Bad Rabbit ransom screen, the fee will rise in the near future.

Dublin Information Sec 2017, Ireland’s cyber security conference, addresses the critically important issues that threaten businesses in the information age. For more on INM’s Dublin InfoSec 2017 conference, go to: independent.ie/infosec

Independent News Service

Promoted Links

Business Newsletter

Read the leading stories from the world of Business.

Promoted Links

Also in Business