(MENAFN - Khaleej Times) The Telecommunications Regulatory Authority (TRA) of the UAE has said that over the past two days, hundreds of institutions in some countries have been attacked by a new ransomware called "BadRabbit".
An official with the authority said that the virus encrypts data and information in the devices and closes them so that they cannot be accessed until ransom payment is made.
The National Computer Emergency Response Team said that there had been no reports of exposure by any UAE government agency to the virus. The team advised Internet users not to open links and files from anonymous sources to avoid exposure to the virus. "Ensure that programmes are downloaded from their original sources and use an original and updated antivirus programme," it said.
The authority has also warned that links and files from anonymous sources could deceive the users to download the virus and then penetrate into their devices. "Organisations around the world have been exposed to a series of BadRabbit attacks. The ransomware is a malicious programme that affects smartphones and computers, encrypts and locks its data so that it cannot be accessed until the payment is made. "To reduce the vulnerability, users should be careful to create a backup of their device data constantly, to recover it in case of exposure to the virus.
Steven Malone, director of security product management, Mimecast, commented on the virus. "Ransomware season is open again as yet another new strain, dubbed Bad Rabbit, is reported to be spreading fast. Initial analysis shows this to be another variant of ExPetr/Petya, the malware that affected businesses globally just a few months ago and which uses the same SMB flaws to spread laterally once inside a network. As businesses in Russia and Ukraine report infections, global companies must look inward and ask themselves - 'Have I done enough? Did we patch our systems after Petya? Have we shored up our perimeter web and email defences?' History tells us the answer to these questions is very likely no. So once again, brace for further widespread outbreaks."
The BadRabbit virus hit computers in different parts of Europe, resulting in their encryption and rendering. The users were surprised by the emergence of anonymous messages on their screen, asking for a ransom of 350 dollars in the currency of virtual home.
Russia appeared to be a major target for malicious code, according to Kaspersky Lab, but computers in Ukraine, Turkey and Germany were also infected with the virus.
So far the ransomware has hit many major Russian media, such as the Interfax news agency and Fontenacca. Ukraine's Odessa International Airport and Kiev Metro reported an attack on their computer system, but it was not clear if it was BadRabbit. It was said that a new wave of infiltrations targeted the country, and specifically asked transport networks to be on alert.
The authorities are still working to verify the details of the attack and the mechanism of its spread, while it is not yet known whether the files encrypted by the BadRabbit can be recovered.