Oct. 25 (UPI) — U.S. cybersecurity analysts have issued a warning about a new malware attack called Bad Rabbit, which they said originated in Russia and is spreading globally.
The U.S. Computer Emergency Readiness Team, a division of the Department of Homeland Security, said it’s “received multiple reports” of ransomware infections called Bad Rabbit in many countries around the world.
The U.S. team said the malware is ransomware-malicious software that infects a computer and restricts user access until a ransom is paid to unlock it.
Officials said Bad Rabbit is a variant of Petya, a family of encrypting ransomware that emerged last year. It spread across computers earlier this year and has caused disruptions to government, hospital and institutional computers.
The ransomware infects computers by posing as an Adobe Flash installer on compromised media websites.
In a blog post Wednesday, antivirus firm Kaspersky Lab said most of the Bad Rabbit attacks have so far occurred in Russia — although other attacks were identified in Turkey, Ukraine and Germany.
The malware has affected Kiev’s transportation system and Odessa’s airport in Ukraine, as well as Russia’s Interfax news service and other Russian media companies.
A demand for payment reads, “Oops! Your files have been encrypted. You might have been looking for a way to recover your files. Don’t waste your time. No one will be able to recover them without our decryption service.”
Those willing to pay to recover files are directed to a website to obtain a decryption password.
The ransom payment initially demanded is .05 of a bitcoin, or $280 per computer, Kasperksy Lab said.