WEDNESDAY, DECEMBER 12, 2018
Make Homepage /  Add Bookmark
Front Page
About us



UJ Week
Top 1   


BadRabbit hackers target personal data
Journal Staff Report

KYIV, Nov. 2 - Hackers tried to access confidential data in powerful but stealthy phishing attacks launched in parallel with an eyeball-grabbing ransomware strike called BadRabbit last week, Reuters reported Thursday citing the head of the Ukrainian state cyber police.

The BadRabbit attack mainly affected Russia but also hit the headlines in Ukraine -- a frequent victim of cyber strikes -- by causing flight delays at Odessa airport on the south coast and disrupting electronic payments in the Kyiv metro.

During these attacks, we repeatedly detected more powerful, quiet attacks that were aimed at obtaining financial and confidential information, cyber police chief Serhiy Demedyuk told the Reuters Cyber Security Summit in Kyiv.

The discovery suggests Ukraine may have been a key target of last weeks attacks, despite the higher incidence of BadRabbit victims in Russia.

Demedyuk said it was a kind of hybrid attack that is becoming increasingly common. There is an open, lets say instantly obvious attack, while underneath there is a hidden, fairly well-thought-out attack, to which nobody pays attention.

The main theory were working on now, is that they (the perpetrators of both attacks) were one and the same, he said. The goal was to get remote and undetected access.

The parallel attack targeted users of Russian-designed software called 1C with phishing emails that appeared to be from the developer, Demedyuk said.

1Cs developer did not immediately respond to a request for comment from Reuters.

A distributor of 1C in Ukraine, who asked not to be named, confirmed that customers had been targeted and said it had warned users to take extra precautions as a result.

Demedyuk said his department learned of the hack when about 15 companies reported that they had been compromised.
He said it was not yet possible to say how many people or firms or people had been affected in total, but 1C products, which include accounting software, are widely used in Ukraine.

Another virus, dubbed NotPetya, also targeted users of accounting software in June. It took down thousands of computers in Ukraine and spread around the world, disrupting shipping and businesses.

Security researchers and cyber experts believe the NotPetya and BadRabbit attacks could have been carried out by the same group as they share a key piece of code.

Demedyuk said Ukrainian authorities had prevented five other major attacks on financial institutions and strategic infrastructure since June, declining to name the targets.

In one of the attacks, police managed to block the transfer of 10 million hryvnia ($371,277) out of a companys account.

He also said hackers have been exploiting so-called back doors that were installed by hackers during the NotPetya attack. (rt/ez)

Log in

Print article E-mail article

Currencies (in hryvnias)
  12.12.2018 prev
USD 27.71 27.78
RUR 0.417 0.419
EUR 31.53 31.74

Stock Market
  11.12.2018 prev
PFTS 574.0 575.2
source: PFTS


Ukrainian Journal   
Front PageNationBusinessEditorialFeatureSubscriptionAdvertisingSearchAbout usCopyrightContact
Copyright 2005 Ukrainian Journal. All rights reserved
Programmed by TAC webstudio