Stop me if you’ve heard this before, but a new ransomware program has emerged, which can spread through computer networks belonging to the same company and lock down data until a Bitcoin ransom is paid.

It’s called Bad Rabbit, and the new malware has affected multiple targets in various countries in Europe, starting with Ukraine and Russia.

The Bad Rabbit outbreak began early on Tuesday in Europe and has now reached the US, The Wall Street Journal reports. While the attack doesn’t seem to be as crippling as similar ransomware schemes that froze entire networks a few months ago, Bad Rabbit is still capable of massive damage.

The ransomware demands payment of 0.05 Bitcoin, or about $275, from victims, and spreads as an update to Adobe’s Flash. Once it’s downloaded, the malware tries to circulate inside the networks of their initial victims.

Adobe told the Journal that the attack does not use an actual Flash update to deliver the payload. The program just pretends to be Flash to fool people into downloading it.
So far, Bad Rabbit spread to Russia, Ukraine, Bulgaria, Turkey, Germany, and the US. Prominent targets include the Russian Interfax news agency as well as various Ukraine-based targets like the Kiev subway system, Odessa international airport, and the infrastructure ministry.

Bad Rabbit has Petya code in it, a similar virus that wreaked havoc around the world a few months ago, but it’s not the same thing. However, the attack doesn’t have the same virality as Petya, Cisco Systems security-outreach manager Craig Williams told the Journal, and it’s unlikely to infect as many entities, as long as hackers do not spread the malware to other sites.

If you need to know more about Bad Rabbit, ZDNet has a handy explainer of the new infection.

View Comments