Bad Rabbit: The new worldwide ransomware outbreak

Posted on 11/7/2017

By George Cox, P.C. Periodicals

I have had several different security alerts recently about a new ransomware attack called Bad Rabbit. The outbreak was first reported in Russia and the Ukraine, and a few hours after the original outbreak it hit Europe and the United States.

While all ransomware is bad, Bad Rabbit represents a new strain of ransomware. The Department of Homeland Security’s Computer Emergency Readiness Team issued an alert saying it had received “multiple reports” of infections. Russia’s Interfax news agency reported on Twitter that the outbreak shut down some of its servers, forcing Interfax to rely on its Facebook account to deliver news.

The outbreak appears to have started via files on a hacked Russian media website, using the popular social engineering trick of pretending to be an Adobe Flash installer. The ransomware demands a payment of about $275 from its victim, though it is not clear whether paying the ransom unlocks a computer’s files. You have just 40 hours to pay.

Bad Rabbit shares some of the same code as the Petya virus that caused major disruptions to global corporations in June, according to a researcher with the antivirus vendor Symantec Corp.

As for Bad Rabbit, the ransomware is a so-called disk coder that first encrypts files on the user's computer and, if the ransom is not paid, replaces the MBR (Master Boot Record). Your computer will no longer start up, as everything on the disk drive is lost!

Several security agencies are reporting that a false Adobe Flash Update is the infection method. Without utilizing exploits, the “drive-by” attack tricks the victim into downloading the fake installer from a convincing website. The victim, assuming it is a legitimate Flash update, then manually launches the .exe file. From there, Bad Rabbit has a hold of the device and can spread to more devices on your connected network.

An important step to protect yourself from ransomware is to have a rigorous patching strategy in place. This means that you should keep all operating system, anti-virus, anti-spyware, and anti-ransom software updated. Also, you should be aware that many of these ransomware attacks are being spread through social media accounts.

Besides keeping software current, a good backup plan should be in place that keeps a secure backup of your important data files. Such a backup plan for your personal data should be either a real-time backup to a secured location or regular backups to external media.

Attention Windows 10 users: Your Adobe Flash updates come directly from the MS Windows update. Do not install any external requests for Flash Player updates.

For more information, contact:

Pete Groman, President
Namorgy Network Solutions - GeekByTheWeek[TM]
#NNSIT #ISpeakGeekDOTBIZ #GeekByTheWeek[TM]