As we all knows WannaCry has demonstrated the world’s vulnerability to ransomware which ultimately left 230,000 residents without power for as long as 6 hours and affects nearly 300,000 systems. But it may also have made unwitting progress towards protecting us from this kind of cyber attack.
So what’s next ?
“BadRabbit malware which may uses same SMB exploit, has been identified by the researchers that targets the same vulnerability that wrecked havoc worldwide by WannaCry ransomware” – said by ESET.
ESET also confirms Discoder/#Petya/#BadRabbit campaign live today, incorporating #Mimikatz distributed via fake flash.
The Ministry of Infrastructure of Ukraine reported on October 24 that in connection with receiving a number of reports on the growth of cyber threat measures are being taken to improve information security, “112 Ukraine” reports . The website of the department is unavailable. “The Office conducts technical work,” – said 112.ua head of cyber policy Sergei Demidyuk.
Also, the site of the State Aviation Service of Ukraine, the information system of the international airport “Odessa” and the computer system of the Kiev subway are not working. According to sources Frontnews, we can talk about one of the modifications of the virus Petya.A. Earlier on Tuesday, hacker attacks were carried out by Interfax and Fontanka .
“In connection with the viral attack, failures servers have been disrupted. The technical services are now taking all measures to restore systems. We apologize to readers and followers!” – Interfax director said on his Facebook page.
Other than Interfax, two more Russian media outlets were attacked with the same ransomware malware so called BadRabbit, according to Moscow-based cyber security firm Group-IB, which declined to name the targets.
??-?? ????????? ????? ? ?????? ???????? ?????????? ?????? ????. ??????????? ?????? ????????????? ??? ???? ??? ?????????????? ?????? ??????.
— ????????? (@interfax_news) October 24, 2017
“It also counted state institutions and strategic objects in Ukraine as its victims,” Group IB said of the attack on media outlets on its Telegram channel.
Hackers are also demanding around 0.05 BTC (Bitcoins) which is approximately equal to 300 USD with a time counter screen and claims that you’ll loose all data if you fails to pay the ransom.
The same virus also infected other computers around the world, but, according to ESET, 75.2% of infections with the Petya.A virus. in the world had to Ukraine.
The TOR address which is associated with this BadRabbit malware is “caforssztxqzf2nm[.]onion” and asks to load a suspicious obfuscated JS malware.
Make sure that your Windows Defender/Antivirus should be updated to latest.
- 30,000 Sites is in RISK, The Plus Addons for Elementor WordPress Plugin Hacked
- Facebook Pay is rolling out in US – 2019 Update
- Top 25 Reddits – SubReddits Communities [Information Security]
- List of 100+ Cyber Security RSS Feeds
- Target’s Twitter Account Compromised – Posted Fake Promoted Ad [Bitcoin Scam]
- Familiar With SQL Injection Vulnerability – Meet Ihsan Sencan
- Microsoft + 33 Other Companies Join hands to fight Cyber Attacks – Cyber Security Tech Accord
- Twitter Compromised ! Change Your Password Right Now – May 2018
- Update your Mozilla Firefox Now – 31st January 2018 Update
- Dangerous Keylogger Found – Infecting over 2000 WordPress sites
