"According to our observations, most victims of the attack are in Russia. We also observe similar attacks in Ukraine, Turkey and Germany, but in considerably lesser numbers. The malware is distributed via a number of infected websites of Russian media," Kaspersky Lab antivirus research department chief Vyacheslav Zakorzhevsky said.
Later on, Russian cyberforensics company Group-IB, which deals with the prevention and investigation of cybercrimes said it recorded cyberattacks using the BadRabbit cryptographic virus on a number of Russian media outlets, as well as a number of state institutions and strategic facilities in Ukraine.
"#BadRabbit #cryptor requires 0.05 BTC for decryption," Group-IB added on Twitter.
“Attention! Cyberattack! The Metro is working as usual, except for bank services (contactless bank card payments or MasterPass) … We apologize for any inconveniences and ask passengers to use alternative payment methods,” the metro wrote on Facebook.
This is the third major ransomware attack this year. First came WannaCry, the cyberattack that hit global systems in May 2017, when cybercriminals used malicious software to exploit a flaw in Windows operating systems and infect hundreds of thousands of computers worldwide. And only a month after, came Petya, which also spread right across the world, impacting thousands of systems.