New ransomware strikes Ukraine and Russia

A new strain of ransomware with the nickname of “Bad Rabbit” has been found spreading in Russia, Ukraine and other places.

The malware has affected systems of three Russian web sites, an airport in Ukraine and that of an underground train in the capital, Kiev.

The cyber-police chief in the Ukraine confirmed to the Reuters news agency that the Poor Rabbit was the ransomware in question.

It has similarities to the WannaCry and Petya outbreaks earlier this year.

However, it is still not known to what extent this new malware able to spread.

“In some companies, the work has been completely paralyzed – servers and workstations are encrypted,” the head of the Russian cyber-security company Group-IB, Ilya Sachkov, told the TASS news agency.

Two of the affected sites are Interfax and affected the most

“According to our data, the majority of the victims of these attacks are located in Russia,” said Vyacheslav Zakorzhevsky from Kaspersky Lab.

“We have also seen similar, but less attacks in Ukraine, Turkey and Germany.”

Bad Rabbit encrypts the contents of a computer and asks for a payment – in this case 0.05 bitcoins, or about $280 (£213).

Cyber-security companies, including Russia-based Kaspersky, have said that they are monitoring the attack.

The malware is still undetected by most anti-virus programs, according to the analysis of virus check site on Virus Total.

A security firm Eset said the malware is being distributed via a fake Flash update.

Researcher Kevin Beaumont has posted a screenshot that shows the Bad Rabbit create tasks in Windows named after the dragons Drogon and Rhaegal in the TV series Game of Thrones.

The outbreak has similarities to the WannaCry and Petya ransomware outbreaks that spread around the world causing widespread disruption earlier this year.