Ukraine is struggling with large-scale ransomware outbreak
Once again, there is a large-scale attack with ransomware. After WannaCry, it now concerns Xdata, although the infection seems to be limited to Ukraine for the time being. For the time being, there is no tool available to free the files encrypted by Xdata.
The spread of the Xdata ransomware started last week, with a large number of infections in Ukraine, Wired reports based on an analysis by MalwareHunter. Where the WannaCry ransomware from earlier this month asked for a fixed amount of money to decrypt the affected files, namely $ 300, the amount at Xdata differs per user. The ransomware is likely to charge companies more money to regain access to the encrypted files. Meanwhile, several Ukrainian companies have already reported that they are dealing with an infection of the Xdata ransomware.
It is not yet clear which vulnerability the ransomware uses to break into computer systems. There is also a chance that the infection will eventually spread beyond Ukraine. There have been few reports of this so far, with a few infections in Russia and Germany, among others. Reports indicate that several versions of Windows are vulnerable, including XP, 7, and 10.
Although the world was rocked earlier this month by a large-scale attack with the WannaCry ransomware, the impact in Ukraine was still limited; Xdata has infected a much larger number of computers in the Eastern European country so far. It remains unclear whether the attackers responsible for the Xdata ransomware specifically targeted Ukraine. Ukraine has previously been the victim of several hacking attacks, including on its electricity network.