New BadRabbit ransomware spreads through Eastern Europe
A new ransomware attack named BadRabbit is spreading through Russia, Ukraine, and other Eastern European countries. Targeting corporate networks, computer systems for the Kiev Metro, Ukraine's Odessa International Airport, several Russian media outlets, and others have been affected, with systems encrypted and computers displaying a ransom message.
Cybersecurity researchers at ESET and Kaspersky are among the organizations keeping watch. Both say the authors have ties with Petya, the ransomware attack that spread worldwide earlier this summer. Cybersecurity firm Kaspersky found that both Petya and BadRabbit appeared on dozens of the same hacked websites, according to a report fromWired. Both spread by using the Windows Management Instrumentation Command-line, a scripting interface for managing devices and applications in a network, along with Mimikatz, a tool for harvesting passwords and other data from computers. "This indicates that the actors behind ExPetr / NotPetya have been carefully planning the BadRabbit attack since July," Kaspersky tells Wired.