A new ransomware called BadRabbit struck eastern Europe on Tuesday, with targets including the Odessa airport in the Ukraine and a few Russian media outlets, among others.
In each case, users are presented with a black-and-red screen of text demanding a payment of 0.05 bitcoin (about $280, for now) in order for their files to be decrypted. A timer claims that the ransom will increase after 40 hours.
The virus appears to spread via a fake Adobe Flash Player installer and makes use of "a Windows flaw known as EternalBlue that was identified by and leaked from the NSA and has now been used in several malware attacks."
Once on a computer, says a staff member of the security firm McAfee, BadRabbit can encrypt a bunch of common file types, including Microsoft Office documents and image files.
It did not identify any U.S. victims but advised the public to refrain from paying ransoms and report any infections to the Federal Bureau of Investigation through the government’s Internet Crime Complaint Center.