65 percent of Tuesday's ‘Bad Rabbit’ virus attacks were in Russia
The “Bad Rabbit” virus, which infected the servers of Interfax, Fontanka, and other online resources on October 24, uses phony certificates to penetrate computer systems, imitating Symantec.
This tactic, according to experts at the company Acronis, is what allowed the malware to hide in place, until it was activated. The Bad Rabbit virus is a more developed version of the Petya virus; it also encrypts parts of a computer’s hard drive, but it uses entirely new vulnerabilities to do so.
Analysts at the cyber-security firm Group-IB say the malware was downloaded from a spam website that prompted users to update their Flash player.
According to ESET, the Bad Rabbit virus has infected computers in several countries, but most cases (65 percent) have been reported in Russia. Another 12 percent have been in Ukraine.