Eastern Europe has been hit by a ransomware attack that occurs when victims attempt to install Adobe Flash, Kaspersky Labs reported on Tuesday.
The so-called Bad Rabbit malware has infected media companies and transportation centers in Russia and the Ukraine, Kaspersky reports. And while it seems to be mostly confined to Eastern Europe, it has also appeared in Germany and Turkey, Kaspersky says.
The perpetrators are demanding 0.05 in bitcoin as ransom for releasing files — “roughly $280 at the current exchange rate,” Kaspersky adds.
According to Kaspersky, victims “download a fake Adobe Flash installer from infected websites and manually launch the .exe file, thus infecting themselves.”
The attack resembles the ExPetr assault that occurred earlier this year. But it is not clear whether it is related to ExPetr, Kaspersky says.
"We’ve already seen two large-scale ransomware attacks this year — we’re talking about the infamous WannaCry and ExPetr (also known as Petya and NotPetya), Kaspersky writes. "It seems that a third attack is on the rise:
The extent of the damage is not yet known
“What is known at the moment is that Bad Rabbit ransomware has infected several big Russian media outlets, with Interfax news agency and Fontanka.ru among the confirmed victims of the malware,” Kaspersky writes.
Odessa International Airport has also reported on a cyberattack on its information system, although the origin is not clear, Kaspersky adds. And media reports state that the Kiev Metro has been victimized.
Meanwhile, the Independent reports that Cybereason claims to have a vaccine against the virus. Experts reportedly are warning victims not to pay the ransom.