A new ransomware, dubbed Bad Rabbit, was first spotted on 24th October 2017. The ransomware is the third major spread of malware this year: it follows the wider-reaching WannaCry and NotPetya strains of malicious code. Here’s what we know about Bad Rabbit so far.

Bad Rabbit began spreading across Russia and Ukraine, and there have also been reports of infections in Turkey, Bulgaria, Japan, Germany, Poland, South Korea and the United States.

The Bad Rabbit ransomware enters a network when a user on that network runs a phony Adobe Flash Player installer posted on a hacked website. Once Bad Rabbit has infected its first machine within a network, it uses an open source tool to find any login credentials stored on the machine, so it can spread to other machines in your organisation.

Adobe’s 2020 deadline for the end of Flash can’t arrive soon enough!!

The Bad Rabbit ransomware is disguised as an Adobe Flash installer. When the innocent-looking file is opened, it starts locking the infected computer. The fake Flash download has been planted on websites using JavaScript injected into the HTML or Java files of the affected websites. The malware isn’t installed automatically, which means the user has to click on it for it to work.

If a person does click on the malicious installer – and given the number of Flash updates issued this is highly probable – their computer locks. After the virus has spread as much as it can on the network, Bad Rabbit encrypts all files and posts a ransom note instructing the victim to pay 0.05 Bitcoin (about €235/$280/£213) to a specific Bitcoin wallet to decrypt the files.

So far, unlike WannaCry and NotPetya, Bad Rabbit hasn’t spread widely. The majority of incidents have been recorded in Russia and Ukraine. Kaspersky states that “all” of the compromised websites it has seen so far have been news or media outlets.

Here are some tips on how to avoid becoming the next victim of the Bad Rabbit malware:

  • Disable Adobe Flash Player and ignore installer prompts.

  • Back up any important data. This reduces the leverage the hackers gain by encrypting valuable files and making them inaccessible.