KIEV, UKRAINE — A cyberattack hit a Ukrainian international airport and three Russian media outlets Tuesday before also being detected by IT experts in Germany and at least two other European states.
The malware called “BadRabbit” appeared to be the largest since “NotPetya” was launched from the same two countries before affecting the rest of the world in July.
US and Russian cybersecurity experts said the computer virus had also reached Turkey and Bulgaria in addition to Germany and a few other countries — but that its size still appeared to be relatively small.
Ukraine’s Odessa International Airport said on Facebook that its “information system” stopped functioning in the afternoon.
“All airport services are working in a reinforced security regime,” the airport said.
Its Web site showed air traffic going in and out of the Black Sea resort city according to schedule.
Russia’s Interfax news agency — one of the country’s biggest — also sent its last dispatch at 2:13 p.m. (1113 GMT) before falling silent.
A Moscow cybersecurity expert told AFP that the Fontanka news site in Russia’s second city of Saint Petersburg and a third media outlet “whose name, unfortunately, we cannot reveal at this time” had also gone offline.
Yevgeny Gukov of the Group-IB IT security firm said the malware appeared to be using an encryption scheme that prevented analysts from deciphering the malicious code.
Kaspersky Lab said the “ransomware infects devices through a number of hacked Russian media Web sites.”
“Based on our investigation, this has been a targeted attack against corporate networks, using methods similar to those used during the (NotPetya) attack,” Kaspersky Lab said in a statement.
And the US-based ESET cyber security group said it had also detected “a new variant of ransomware known also as Petya.” — AFP