Bad Rabbit Ransomware Outbreak Targets Users

October 25th, 2017 by Rocket IT

A new ransomware known as “Bad Rabbit” is hitting users in the US and several European countries. This malware is a “new and improved” version of the NotPetya ransomware that uses social engineering to trick people into installing it by posing as an Adobe Flash installer.

Once the malware is downloaded, users have 40 hours to pay up to decrypt their data, though it is currently unclear whether ponying up the bitcoin will actually unlock your files.

(Want to learn more about ransomware and how to keep your organization safe? Get our free Security in the Age of Ransomware webinar on demand here.)

Like Petya, Bad Rabbit is a “disk-coder,” which means it first encrypts the files on the infected user’s computer before replacing the MBR (Master Boot Record). Once the MBR is encrypted, it becomes virtually impossible for your computer to locate a specific file. In fact, this new ransomware shares some of the same code as the Petya virus that caused the big ransomware crisis that hit global corporations earlier this year.

After the ransomware is done with these processes, the ransom message appears. Unfortunately, Bad Rabbit disables your ability to access the internet through this computer, since at this point it has effectively placed itself between you and your OS. To pay the bitcoin ransom and get the decryption key to save your files, you must use another computer.

Phishing attacks like Bad Rabbit, Petya, and WannaCry have been so successful because of the social engineering aspect of the hackers’ strategy. Users are used to being prompted to download or update their Adobe Flash, and many don’t even think twice before clicking.

To avoid effectively bricking your workstation, be cautious about the source when downloading any software. If you need to update a program like Adobe Flash, it’s best to go directly to the official Adobe website yourself and download it from there. Not paying attention to where you’re downloading things from or which permissions you’re allowing can land you in some hot water.

To learn more about the role of social engineering in cyberattacks, check out our other article here.

About the Author

Jason Hand loves making music, serving his church and getting people excited about technology tools. He currently lives in Georgia with his wife and two adopted sons. Jason is the Systems Administrator at Rocket IT.