The malware has resulted in flight delays at Ukraine's Odessa airport and affected several media outlets in Russia, including the Interfax news agency
Cyber attacks using malware called "BadRabbit" hit Ukraine and Russia on Tuesday, causing flight delays at Ukraine's Odessa airport and affecting several media outlets in Russia, including the Interfax news agency.
The attack appears to be one of the biggest since the NotPetya cyber attack in June that first hit Ukraine and spread around the world. Interfax, one of the largest news agencies in Russia, said some of its services were hit by an "unprecedented virus attack". The agency will be back online by the end of Tuesday, Yuri Pogorely, Interfax Deputy CEO, told Reuters.
A spokeswoman for Odessa airport said a few flights were delayed because workers had to process passenger data manually. The metro system in Kiev also reported a hack on its payment system but said trains were running normally. "According to our data, most of the victims targeted by these attacks are located in Russia. We have also seen similar but fewer attacks in Ukraine, Turkey and Germany," said Russian cyber security firm Kaspersky Lab.
Ukraine's cyber police chief told Reuters the country was "barely affected".
Security researchers said that BadRabbit appears to be a type of malware known as ransomware, which is damaging because it encrypts data on computers, making them inoperable and sometimes halting activity at organisations that use them. "This ransomware infects devices through a number of hacked Russian media websites," Kaspersky said about Tuesday's attack.
NotPetya in June took down many Ukrainian government agencies and businesses, before spreading rapidly through corporate networks of multinationals with operations or suppliers in eastern Europe. In May, the "WannaCry" ransomware attack forced hospitals, factories and businesses around the world to shut down because they could not access critical computer systems. "Based on our investigation, this has been a targeted attack against corporate networks, using methods similar to those used during the ExPetr attack," said Kaspersky Lab, using another name for the NotPetya virus. "However we cannot confirm it is related to ExPetr. We continue our investigation."
Ukraine's central bank said Ukrainian banking services, which have been hit by previous attacks, were unaffected.
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
 "cyber attack")
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
)
){kind=small}
){kind=small}
)
)
)
)
)
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}