Bitcoin Still Top Cryptocurrency for Ransomware

By Christine Masters

Another ransomware, Bad Rabbit, uses faked Adobe Flash updates to infect computers. To unlock the files, the virus demands a payment of 0.05 Bitcoin, with an address already identified. Currently, the wallet is almost empty.

The ransomware has so far affected three Russian websites, an airport in Ukraine and the Kiev underground railway, reported the BBC. Among the sites hit were the Interfax news agency site and Fontanka.ru. The Interfax site was still unresponsive a day after the attack.

“In some of the companies, the work has been completely paralysed – servers and workstations are encrypted,” said the head of Russian cyber-security firm Group-IB, Ilya Sachkov.

US-based security experts are monitoring the activity of Bad Rabbit, and recommend that the ransom not be paid, as payment does not guarantee the files will be unlocked.

“According to our data, most of the victims targeted by these attacks are located in Russia,” said Vyacheslav Zakorzhevsky at Kaspersky Lab.

The ransomware is similar to the Petya and WannaCry attacks, which froze computers in Ukraine and Russia and also affected computers in Germany, Great Britain and other European countries.

The spread of ransomware and hacker attacks has made legal firms adopt an unconventional resource: Bitcoin wallets filled and ready to pay the ransom as a last resort. But it is unknown whether the hackers would do the work of manually tracking the payment and unlocking the files for the user who paid. Currently, Bitcoin addresses are unrelated to names or online identities.

According to experts, those wallets are a bad signal, increasing the targeting of important businesses by hacker groups. The most recent hack affected legal firm Appleby, which services high net value individuals in the offshore zone of Bermuda, and hackers may now either demand a ransom or leak the information.

Curiously, there are three Bitcoin addresses related to the WannaCry ransoms, each gathering around 20 BTC. All three wallets were emptied out on August 3, 2017, two days after the Bitcoin Cash hard fork, which means that in addition to the ransoms, the hackers may have also claimed Bitcoin Cash.

The use of cryptocurrencies unfortunately opens users up to loss or theft, as in the faked Poloniex app and new instances of cloned MyEtherWallet sites.
