{{dayPoint.date | date : 'd MMMM yyyy'}}

{{newsPoint.title}}

{{newsPoint.title+ ' '}}

{{newsPoint.subtitle}}

Hackers who created NotPetya virus behind BadRabbit ransomware attack — report

Earlier the BadRabbit encrypting ransomware attacked Russian mass media outlets

© Donat Sorokin/TASS

MOSCOW, October 26. /TASS/. The same group of hackers called BlackEnergy is likely to be behind the BadRabbit ransomware attack and the epidemic of the NotPetya virus, the Russian-based Group-IB cybercrime prevention and investigation company said in a report on Thursday.

Read also

Bad Rabbit ransomware attacks Russian mass media

Group-IB earlier told TASS that the same hacker or the group of hackers who had compiled the previous notorious encrypting malware NotPetya could be behind the BadRabbit ransomware. During their analysis at that time, Group-IB experts found a specific code segment in the BadRabbit virus that coincided with a part of the NotPetya code.

"It is highly likely that the same group of hackers was behind BadRabbit ransomware attack on October 24, 2017 and the epidemic of the NotPetya virus, which attacked the energy, telecommunications and financial sectors in Ukraine in June 2017," the company said in its report.

The research revealed that the BadRabbit code was compiled from NotPetya sources. BadRabbit has the same functions for computing hashes, network distribution logic and the logs removal process, the report says.

"The logic of module derivation and the modules themselves confirm this relationship," Group-IP said.

According to the report, some BadRabbit malware modules were compiled in the summer of 2014. It was in that year that BlackEnergy started notable activity with disc tools. The hacker group used old tools from previous attacks in the BadRabbit malware, Group-IB said.

BadRabbit and Petya malware

The BadRabbit encrypting ransomware attacked Russian mass media outlets on October 24. As the Kaspersky Lab and Group-IB reported, the malware attacked the information systems of the news agency Interfax and the server of the Petersburg-based news portal Fontanka.ru.

According to Group-IB’s data, in the afternoon the cyberattacks started in Ukraine: the virus hit the computer networks of the Kiev subway, the Ukrainian Ministry of Infrastructure and the international airport of Odessa.

Group-IB Head Ilya Sachkov told TASS at the time that BadRabbit tried to attack Russian banks from the list of the country’s top 20 lenders but the attacks fell through.

Sergei Nikitin, a Group-IB deputy head, earlier told TASS the attack was already over, although sporadic cases of BadRabbit attacks were still possible.

Spokeswoman for the Microsoft office in Russia Kristina Davydova told TASS that the users of the Windows operational system’s embedded antivirus - Windows Defender Antivirus - were protected from the BadRabbit encrypting malware.

In June, the malware known as Petya attacked oil, telecoms and financial companies in Russia, Ukraine and some EU countries. It had the same principle of operation as the BadRabbit malware: the virus encrypted information and demanded a $300 ransom in Bitcoins.

Before that, computers around the world were attacked by the WannaCry virus in May. The malware blocked information on infected computers and demanded $600 in Bitcoins for releasing the data.

Tags

US-led coalition’s aircraft violate Syrian airspace 13 times in past day

Two shelling attacks on the positions of Syrian government army by the Jabhat al-Nusra groups were reported in the Idlib de-escalation zone

Swiss parliament votes against joining task force on frozen Russian assets

The group contains US finance and justice ministers, representatives of Australia, the UK, Germany, Italy, Canada, France, Japan, as well as the European Commission

Sounds in Isfahan due to air defense work to repel attacks by suspicious objects — general

According to Iranian media reports, three drones were downed by air defenses in the skies over the city of Isfahan

MiG-31I fighters receive air refueling system

Another source said MiG-31I differs from previous MiG-K option by "different engines, avionics and missiles"

One crew member of jet crashed in Stavropol Region killed, search for another continues

According to the Russian Defense Ministry, an Aerospace Forces’ Tu-22M3 bomber crashed after completing a combat mission while returning to the airfield

Iran says drones downed over Isfahan launched from country's territory

"A failed attack with a few quadcopters that were shot down cannot be considered a real attack anywhere in the world," a spokesman for Iran’s Supreme Council of Cyberspace said

Agents in Ukrainian, Poland foil attempt to kill Zelensky, security officials in Kiev say

The agency said it and the Office of the Prosecutor General of Ukraine informed their Polish counterparts about the alleged assassination attempt

Kiev lacks both troops and equipment near Chasov Yar in DPR, says retired general

Military commanders of Ukrainian army brigades "lack both personnel and the required amount of equipment" while Russian troops enjoy a considerable superiority, especially in artillery, Sergey Krivonos noted

Russia won’t allow NATO to move closer in Ukraine — Lavrov

There is still no full clarity regarding the future of Ukraine's western regions, the Russian foreign minister went on to say

Nord Stream AG's refusal to pay compensation destroys Western insurance system — diplomat

"The West is not only taking state assets and private property, but also threatening to destroy the major civilian infrastructure facilities, which were built with investments and then miraculously blown up, and they have now threatened insurance," Maria Zakharova said

Iran suspends flights above several cities amid reports of air attack — IRNA

Fox News said the Jewish state delivered a limited strike on Iran

Russia can join top three countries by lithium reserves — governor

Infrastructure is required to implement the investment project, both power transmission lines and the railroad, Andrey Chibis noted

Israel to not take responsibility for attack on Iran — newspaper

Israeli sources also said that they did not understand why the Pentagon had leaked information about Israel's involvement in the attack to the media

Moscow-based embassies of NATO countries helped anti-government groups, Lavrov says

The top Russian diplomat also spoke about the detention in Germany of two people suspected of spying for Russia

Kremlin condemns 'illegal' seizure of villa from Russian businessman

Dmitry Peskov underscored that Moscow has already made its position clear on this matter

Military base near Iran’s Isfahan hit following attack — newspaper

The sources said that Iranian forces managed to destroy several small drones near the city of Tabriz, about 800 kilometers from Isfahan

Hezbollah warns Israel it will fight back if attacks on Lebanon continue

The Lebanese Shiite organization "would not accept that the Israelis transgress the rules of engagement that are currently set in the south" of Lebanon

Two pilots of jet that crashed in southern Russia hospitalized

The plane crashed in a field in the Krasnogvardeysky district of southern Russia’s Stavropol Region

Pipeline explodes in Kharkov Region

The exact location of the damaged pipeline or the causes of the incident is not reported

Russian forces destroy Ukrainian command post, two S-300 missile launchers over day

Russian forces improved their frontline positions and repelled a Ukrainian army counterattack in the Donetsk area where the enemy lost roughly 590 troops over the past day, the ministry reported

Kremlin declines to comment on alleged assassination attempt on Zelensky in Poland

The Security Service of Ukraine announced earlier that in a joint operation with law enforcement agencies in Ukraine and Poland it thwarted an attempt to assassinate Ukrainian President Vladimir Zelensky

Press review: Ukraine, Israel vie for EU’s attention and Georgia passes controversial bill

Top stories from the Russian press on Thursday, April 18th

Russia has significant amount of West’s funds in case of confiscation of its assets

Russia views the West’s encroachment on its assets as "a blatant and shameless theft for the purpose of lining its pockets," Maria Zakharova noted

Tehran’s two major airports cancel international flights — Mehr

Imam Khomeini International Airport and Mehrabad International Airport suspended their operations until 10:30 a.m. local time

US did not 'endorse' Israel’s retaliatory attack, but was warned about it — TV

According to Bloomberg, Israel informed the United States about its plans to strike Iran within the next 24-48 hours

Lavrov speaks of West’s agony, Russia’s approach to any future talks with Kiev

The Russian foreign minister also described Armenia and Russia as more than formal allies

No plans for pauses in fighting if talks on Ukraine begin, Lavrov says

The Russian foreign minister emphasized that the situation on the ground had changed significantly

Putin signs law on holding World Friendship Games

Funding will be provided from the federal, regional and local budgets, as well as taxes from gambling transferred to the organizer

Nuclear sites in Iran’s Isfahan province are safe — Tasnim agency

Tasnim refuted foreign media reports about an incident at a nuclear site in Isfahan

UN Security Council vote exposes practically full isolation of US — Russia’s UN mission

Vasily Nebenzya described the US veto as a "fruitless attempt to stop the inexorable course of history"

Syrian ministry says Israeli jets struck air defense facilities in country’s south

Earlier, the media reported that one of the strikes hit Tha'lah Military Airbase, with several explosions going off there

Situation in Iran’s Isfahan stabilizes after drone attack — media

According to the news agency, all reports about fires or explosions have nothing to do with reality

Ukrainians abroad storming embassies to avoid mobilization, Russian diplomat says

On Tuesday, Ukrainian President Vladimir Zelensky signed the mobilization law passed by the Verkhovna Rada (parliament) in the second and final reading on April 11

West can’t comprehend Russia’s resilience — Lavrov

"They would have been scared had anyone come down on them with similar ferocity," the Russian foreign minister added

US blackmails other countries at United Nations — Russian mission

Dmitry Polyansky said "this shameful neocolonial tactics are fully exposed now in the context of Gaza War"

Chinese analyst sees US veto on Palestine as reflection of arrogance, double standards

Wang Wen stated that it’s still very hard to achieve a settlement of the Israeli-Palestinian conflict

Russia will not 'shake up' relations with Argentina due to its partnership with NATO — MFA

According to Sergey Ryabkov, Russia and Argentina maintain a good dialogue at various levels

Iran intends to bolster military cooperation with Russia — envoy to Moscow

Kazem Jalali noted that Iran had demonstrated its ability to ensure security and nudge the region toward a de-escalation

NATO discussing transfer of ‘deep precision strike capabilities’ to Ukraine — Stoltenberg

Stoltenberg said NATO believes Ukraine has the right to strike "legitimate military targets" inside Russia

Colombian president displays interest in country’s entry into BRICS

Brazilian leader Luiz Inacio Lula da Silva welcomed Gustavo Petro’s initiative, "being committed to promotion of Colombia’s candidacy"

Switzerland does not suit Russia for negotiations on Ukraine — Lavrov

The Foreign Minister pointed to the fact that Switzerland is on board with all Western sanctions

Ukrainian president admits Russian troops’ advancement

Vladimir Zelensky asked his country’s supporters to provide "everything that helps to hold the frontline," including shells, military vehicles and drones

Lavrov views situation in Middle East as 'very bad'

According to the top Russian diplomat, the unresolved Palestinian problem fuels the issues that the Middle East is facing

Russia delivers 34 strikes on Ukrainian military infrastructure over week — top brass

The Ukrainian army lost more than 3,550 troops, four tanks and five armored combat vehicles in battles with Russian forces in the Donetsk area over the past week, the ministry reported

Russian Aerospace Forces strike five militant hideouts in Syria’s Homs

Yury Popov said that aircraft of the so-called international anti-terrorism coalition, led by the United States, continue to set dangerous precedents in skies above Syria

French president says creating Israeli-type air defense network for Ukraine impossible

Emmanuel Macron added that Europe’s resources are limited, and the European Union will continue helping Kiev keeping in mind its own reserves

EU plans to invest first profits from Russian assets in military aid to Kiev

"I think that the decision has been taken by the member-states - all 27 have agreed that we use the windfall profits following our proposal," Ursula von der Leyen said

Nearly half of those present in UN Security Council hall walk out before Israel’s address

israeli Permanent Representative Gilad Erdan was to address the council after Palestinian envoy Riyad Mansour

At least 16 Syrian troops killed in terrorists’ ambush in east Syria — TV

According to the Al Hadath television, a military bus was ambushed by members of the Islamic State terrorist group

Ukrainian trace obvious in Crocus City Hall attack — Russian prosecutor general

The law enforcement employees exert efforts to identify the instigators of this crime, Igor Krasnov said

Russia’s advanced radar in Kaliningrad to monitor entire territory of Europe — source

The first Konteiner radar went on combat duty in the Volga area region of Mordovia on December 1, 2019

Major Western investor accuses Zelensky's office of extorting millions of euros

Arnulf Damerau said that he provided details of the meeting, along with evidence and a list of names of those involved, to US and European intelligence agencies

US 'not forgetting' to help itself with aid to Ukraine — Kremlin

"In any case, whatever the modality of providing this aid, de facto it is about provoking Ukraine into further hostilities down to the last Ukrainian, putting guarantted money in the pockets of the US," Dmitry Peskov said

Crimea, Donbass to forever remain within Russia, Slovak PM tells national parliament

Robert Fico believes Moscow will win in its confrontation with Kiev

West wants to make Transnistria hotbed of tension — Lavrov

According to the top Russian diplomat, the leaders who rule countries where they claim to be from while holding foreign passports "will not enjoy support and authority for long"

Israel assesses effectiveness, consequences of strike on Iran — media

A spokesman for the Israel Defense Forces declined to comment on the reports of the strike

Final statement by G7 top diplomats to call for supplying more air defenses to Kiev

Earlier, Ukrainian Foreign Minister said Kiev required US-made Patriot systems and Italian-French Samp-T theatre antimissile systems

Kiev ordered mandatory evacuation from Kharkov Region to accommodate mercenaries

Evacuation campaigns are regularly organized by the Kiev government, under the pretext of security issues

No foreign state attacks Iran — TV

Earlier, the media reported, citing a US official, that Israel had launched a missile strike on a site in Iranian territory

Russia always prefers talks to fighting, wars, says Lavrov

The first Russian-Ukrainian negotiations after the launch of Moscow’s special military operation in Ukraine took place in Belarus in early March 2022 but the talks yielded no tangible results

US gives nod to Israeli operation in Rafah in exchange for canceling major attack on Iran

According to the media outlet, "the US administration will support the plan for a military operation in Rafah put forward earlier," which provides for dividing the city into numbered sectors that will be mopped up one by one

West frightens voters by 'Russian threat' to win elections — Lavrov

The top Russian diplomat pointed out that the anti-Russian rhetoric of Western politicians in power intensifies as the elections approach

Hungary to not intervene in Ukrainian conflict on any side, PM says

Viktor Orban believes the first phase of the conflict, which included proposals on sending troops to Ukraine, is over

Ukraine turns from sovereign country into Western protectorate, Hungarian PM says

Viktor Orban noted that there should be a buffer zone between NATO and Russia and Ukraine could serve as one

Ukrainian front may collapse this summer — newspaper

According to the newspaper’s assessments, Russia "has never been closer to its goals" in the special military operation zone

French, US, British nukes all interwoven — Russian diplomat

Maria Zakharova described France’s decision to place its aircraft carrier, the Charles de Gaulle, directly under NATO control as a symbolic move marking the end of "the era of an independent Paris in the international arena"

Ukraine’s military loses positions near Avdeyevka, says DPR

Igor Kimakovsky said that Ukrainian forces suffered heavy casualties among personnel and military hardware, including Western equipment

Water in Kurgan above dam, breaking records

More than 100 employees of the Russian Ministry of Emergencies are fencing the shores and filling the least reliable dam segments

North Korean leader arrives at public event in Aurus luxury car gifted by Putin

On April 10, the vehicle was also spotted when the North Korean leader visited Kim Jong Il Military and Political Academy

Press review: Biden backs aid to Israel, Ukraine and Russia assets giving West legal fits

Top stories from the Russian press on Friday, April 19th

Three Ukrainian soldiers swim across Dnieper to surrender to Russian troops — governor

Vladimir Saldo called on other Ukrainian servicemen to switch to the Russian side and request the corresponding assistance

US House passes procedural vote on Ukraine aid bill

It cannot be ruled out that the House of Representatives may pass this package as early as Saturday

Iran has no plans to immediately retaliate to attack on its soil — agency

"We have not received any external attack, and the discussion leans more towards infiltration than attack," a senior Iranian official reported

Argentina’s NATO partnership bid to let US tighten its grip — expert

According to Andrey Pyatakov, the Argentinian authorities' decision is both a declarative step and evidence of the wish to close economic gaps by expanding military-technical cooperation

West close to sending military to Ukraine, this would 'drag Europe to bottom' — Orban

"This military whirlpool can drag Europe to the bottom. Brussels is playing with fire and angering God," the Hungarian prime minister said

Russia, Iran maintain contacts on nuclear security - deputy foreign minister

Sergey Ryabkov said that "very soon, Russia and Iran will have new additional opportunities to discuss the situation in the Middle East in general, as well as details of what is going on there at this point"

Chinese car plant to start production at former Mercedes site in Moscow region in May

Earlier it was reported that the German automobile concern Mercedes-Benz plans to sell its enterprise located in the Solnechnogorsk district of the Moscow region

Russia knows French military instructors working in Ukraine — Lavrov

At the same time, the top Russian diplomat pointed out that "there is information that not only French mercenaries, but also instructors, maybe even together, but along with some other representatives of military and special services of European countries are working there [in Ukraine]"

Russia ready for Ukraine talks, but not with Zelensky — Lavrov

The first negotiations between Russia and Ukraine after the start of the special military operation took place in early March 2022 in Belarus, but they did not bring tangible results

Kiev continues to openly announce terrorist attacks on Russia — diplomat

Maria Zakharova also pointed to the fact that Ukraine's special services do not give up attempts to "massacre their former compatriots"

Russia’s defense chief inspects production of tanks, flamethrowers at Siberian enterprise

Sergey Shoigu handed down an instruction for the defense enterprise to ramp up the production of T-80BVM tanks, the Defense Ministry said

EU border checkpoint closest to Russia’s St. Petersburg to cut its working hours

The changes were attributed to reconstruction works on the Russian side of the checkpoint Ivangorod

Lavrov describes Georgia’s bill on foreign agents as 'mildest of all'

The top Russian diplomat stressed that the Georgian bill on foreign agents suggested only the need to declare funds, if the organization in question received more than 20% of its funding from abroad

Senior Chinese official to take part in conference on security in Russia — diplomat

The conference will take place from April 23 to 25 in St. Petersburg

Romania tries to cancel Russian culture by banning films — diplomat

"The National Film Archive of Romania, for political reasons, broke the lease agreements for cinema halls with Russian embassy in Bucharest, which provided for the private screening of the Russian films "The Time of the First" and "The Challenge," Maria Zakharova said

Russia not to go for settlement on Ukraine based on 'Zelensky formula' — Lavrov

The top Russian diplomat referred to a swindling trick used by a thimblerigger who puts a small round object, such as a ball or pea, under one of three thimbles or cups and asks the player to guess under which the object is, while unfairly manipulating this object

US blocks Security Council resolution granting full UN membership to Palestine

A total of 12 countries, including Russia and China, voted in favor of the document

Founder of neo-Nazi cell in Crimea flees to Georgia — source

According to the official, the investigation established that Mikhail Maurov planned to travel to Ukraine to join the ranks of a right-wing Ukrainian organization called the Freedom of Russia Legion

Lavrov says Borrell let it slip that Europe ‘fighting against Russia’

Russia’s top diplomat noted that Josep Borrell may made the statement in a moment of weakness

Iran done with retaliation, calls for efforts to stop Israel from reckless steps — MFA

According to the minister Hossein Amir-Abdollahian, in the event that Israel uses force against Tehran's interests, "the Islamic Republic of Iran will not hesitate to use its right to give an immediate and decisive response that will make them regret"

Vehicles, equipment participating in Victory Day parade depart for Moscow — ministry

The final rehearsal of the military parade will take place on May 5

Zelensky's formula should be put aside for Ukraine talks, Lavrov says

"One should clearly support the need to seek solutions that take into account the balance of security interests and ensure the indivisibility of security," the top Russian diplomat underlined

Polish premier refuses to hand over his country’s Patriot systems to Ukraine

Donald Tusk said that German Chancellor’s call to send more air defense systems to Kiev had no relation to Poland, provided the country's geographical position near the frontline

Iran threatens to attack Israel's "nuclear centers" in case of aggression on its part

Ahmad Haqtalab argued that Israel had been conducting "subversive and terrorist activities" against the Islamic republic's nuclear infrastructure for year

Russian military closely monitors all Ukrainian 'novelties' — Kremlin on UAVs

Earlier, it was reported that Ukraine had developed a UAV with a range of up to 3,000 kilometers

Security guarantees on Ukraine did not apply to Crimea, Donbass — Lavrov

The Russian Foreign Minister noted that "Ukrainian negotiators came and said that, for example, on the issue of maneuvers with the participation of third countries, let's replace the wording 'if all guarantor countries agree' with 'unless the majority agrees'"

CIA chief says Ukraine could lose by end of this year — Politico

William Burns said "there is a very real risk that the Ukrainians could at least put Putin in a position where he could essentially dictate the terms of a political settlement"

Yerevan's refusal to delimit borders with Baku to escalate regional tensions — PM

Nikol Pashinyan pointed out that the demarcation process also involves risks, but they are manageable, after which "Armenia will become ten times stronger"

Shoigu orders additional tank protection sets for Ukraine operation

The minister also inspected the training process in Omsk Armor Engineering Institute

Israeli Air Force attacks airfield in southern Syria during strike on Iran

According to local sources, a radar station located at a military site along a highway connecting the towns of Qarfa and Izraa was disabled in the attack

Russian instructors help train over 10,000 Central African troops — CAR president

According to Faustin-Archange Touadera, since becoming the president, his actions have been guided by the need "to modernize the army and take into account new challenges"