It’s our goal to keep you as updated as possible on all the latest in tech. As we learn more about this ransomware, we’ll keep you posted!
What is Bad Rabbit?
On October 24, a new strain of ransomware called Bad Rabbit was discovered in Russia and Ukraine. According to reports from Kaspersky, the ransomware started by infecting organizations in Ukraine and Russia, including Odessa International Airport in Ukraine, Interfax (a Russian news agency), Fontanka.ru, and many more. This strain of ransomware is very similar to the WannaCry and Petya/NotPetya/ExPetr outbreaks that happened earlier this year. The ransomware is spread using “drive-by attacks” where insecure websites are compromised. When a user visits a legitimate website that has been compromised, they are prompted to download an Adobe Flash installer. Once downloaded and opened, it will begin to lock your files using an encryption method, and then you will see the following prompt.
If you visit the “Dark Web” website listed in the prompt, you will find the following website.
If the fact that your files are locked wasn’t bad enough, according to a report from SonicWall (Element 74’s firewall vendor), the ransomware is programmed with commonly used Windows credentials that it uses to brute force its way into a device.
Keeping that silly “Bad Rabbit” from getting your files
Much like the Trix Bunny we all grew up with, the “Bad Rabbit” will stop at nothing to get your files, no matter what! I have come up with a list of things that will help protect you and your organization, and keep its paws off your files.
- Apply all patches to operating systems
- Protect endpoints with an up-to-date anti-virus solution
- Promote good password hygiene policies (read our blog about how to make your password more secure)
- Ensure firewall and endpoint firmware is current
- Do not download any Adobe Flash installer from any website unless it is directly from Adobe’s website
- Do not allow any installer or file to open automatically without asking you first
The most important thing you can do is to stay aware and informed. Firewalls and anti-virus programs do their best to stop what they can, but the best line of defense is safe browsing and downloading practices for both your personal and business life. If you are not doing it already, you need to discuss these things with your family or business and make sure that you have educated everyone on safe web browsing practices.
And even though in 60 years of trying, the Trix Bunny has only successfully gotten Trix twice, cybersecurity experts around the world are having more luck with getting their hands on these cyber culprits. Every day, they’re trying to put a stop to ransomware like this quickly, keeping it from becoming widespread. Stay plugged into our blog to keep up-to-date with any new emerging threats!