“Bad Rabbit”, a new mass ransomware attack sweeping Russia and Ukraine, and other Eastern European countries.
The cyber attack that broke out last night in, shut down an airport in Odessa, the Kiev subway, the Ministry of Infrastructure of Ukraine, three news agencies in Russia. It hits other businesses in Turkey, Germany, Bulgaria and continues to other countries.
Will you offer us a hand? Every gift, regardless of size, fuels our future.
Your critical contribution enables us to maintain our independence from shareholders or wealthy owners, allowing us to keep up reporting without bias. It means we can continue to make Jewish Business News available to everyone.
You can support us for as little as $1 via PayPal at firstname.lastname@example.org.
This is a new version of Notpetya, which caused great damage worldwide last June.
The identity of the anonymous assailant is not yet certain, but when the malicious code was decoded, the names of figures from chess games such as Visserion, Rangel, Dargo and the mysterious attacker appeared to be a fan of the series.
Victims of the attack are sent to the page explaining how to access encrypted files by transferring a ransom payment of 0.05 bits equivalent to $286.
The screen combines a timer program that performs a 41-hour countdown and at the end of the period, the files will be permanently deleted if the ransom is not paid.
The malware contains computer shutdown technologies developed by the US National Security Agency and leaked to the network for hacker abuse.
According to the Group-IB, Group-IB, a Russian-based cybercrime prevention, and investigation company said in order to prevent the virus from encrypting files, a user needs to create a read-only file C:\windows\infpub.dat.
“After that, even in case of contamination, the files will not be encrypted,” the company said.
Also the Isreali Amit Serper, principal security researcher of Cybereason, has found a vaccine. See instructions below:
I can confirm – Vaccination for #badrabbit:
Create the following files c:\windows\infpub.dat && c:\windows\cscc.dat – remove ALL PERMISSIONS (inheritance) and you are now vaccinated. 🙂 pic.twitter.com/5sXIyX3QJl
— Amit Serper (@0xAmit) October 24, 2017