NotPetya-style malware infects Kievs metro system, Odessa airport and Russian media, demanding bitcoin for decryption key
A major ransomware attack is hitting computers in Russia and Ukraine, bearing similarities to the NotPetya outbreak that caused billions of pounds of damage in June.
The self-titled Bad Rabbit malware encrypts data on infected machines before demanding a payment of 0.05 bitcoin (250) for the decryption key. The ransom demand is phrased similarly to that of Junes outbreak, and researchers at Russian security firm Kaspersky say that the malware uses methods similar to those used during the NotPetya attack.
Among the affected organisations are Kievs metro system, Russian media organisation Interfax and Odessa airport. Interfax was forced to publish to its Facebook page during the outage, since its servers were taken offline for a number of hours.
Unusually, the malwares code is peppered with pop culture references including the names of two dragons from Game of Thrones and the character Gray Worm used as names for scheduled tasks. A list of passwords that the malware tries while attempting to spread also includes love, sex, god and secret, which were dubbed the four most common passwords by the 1995 movie Hackers. In fact, the four most common passwords are 123456, 123456789, qwerty, and 12345678.