A new type of ransomware called as “Bad Rabbit” has been found spreading in Russia, Ukraine and other countries. There are reports of malware impacting systems in multiple places. Bad Rabbit Ransomware began spreading across the world Tuesday (Oct. 24) and it appeared to be a much modified version of the Petya worm, that hit eastern Europe in June.
Bad Rabbit Ransomware : What is it?
Bad Rabbit Ransomware is a much modified variant of popular ransomware like WannaCry and Petya. Malware is distributed via a fake Adobe Flash update.
Bad Rabbit hit corporate networks in Russia and Ukraine especially hard and there were isolated reports of infections in Turkey, Bulgaria, Japan, Germany, Poland, South Korea and the United States by Tuesday evening.
Bad Rabbit Ransomware : How it works?
Bad Rabbit Ransomware gets into your computer, either by clicking or downloading malicious files. This can be via an email attachment or a download from a website. After gaining access to the computer, the “Bad Rabbit” encrypts the computer’s hard disk drive and then attempts to infect other computers on network. Major cause which has come out till now is fake Adobe Flash Update.
Once it has spread as far as it can through a network, Bad Rabbit encrypts all files of commonly used Windows Office, image, video, audio, email and archive filetypes on infected Windows machines, using the open-source DiskCryptor utility, and posts a ransom note. The victim is instructed to send 0.05 bitcoin (about $280) to a specific Bitcoin wallet.
Steps recommended to follow in order to avoid Bad Rabbit Ransomware
- Avoid clicking on links or opening attachments or emails from people you don’t know or companies you don’t do business with.
- Ensure your Antivirus signatures are updated and that your AV is running.
- Avoid downloading or installing software from untrusted sources.
- Always shutdown and restart your computer on regular basis or when not in use so that the computer system gets required patches pushed.