A new ransomware is spreading across Europe by tricking victims into installing it by pretending to be a software update. Dubbed ‘Bad Rabbit’ it a Ukrainian international airport and Russian media outlets and over 200 other targets in those countries and other European states, including Germany, an internet security firm said on Wednesday. Some cases were reported in Japan and Bulgaria. Avast said the ransomware has been detected in the US, South Korea and Poland, according to CNN.
Bad Rabbit asks for a ransom 0.05 bitcoin bounty, around $280. While it’s not clear who is behind Bad Rabbit, one thing is for certain — they are a fan of Game of Thrones. It has references to the HBO show two dragons Drogon and Rhaegal and also GrayWorm.
The ransomware spreads through “drive-by attacks” where insecure websites are compromised, Wired reported. “While the target is visiting a legitimate website, a malware dropper is being downloaded from the threat actor’s infrastructure,” according to Russian security firm Kaspersky Labs. In this instance, the malware is disguised as an Adobe Flash installer. When the file is opened it starts locking the infected computer.
