Bad Rabbit: The latest ransomeware that presents itself as an Adobe Flash Player download

Bad Rabbit

Bad Rabbit Ransomware is a new strain of ransomware which began hitting the computer networks of organizations across Russia and the whole of Eastern Europe on Wednesday, October 25 2017. The ransomware is similar to Petya or WannaCry Ransomware, where the data in the attacked computer is locked and ransom demanded. It is being spread through compromised websites, presenting itself as an Adobe Flash Player download.

It can encrypt all the personal files on the computer, so that you are not able to open or access your files anymore.  Users are then redirected to 1dnscontrol[.]com, the site hosting the malicious file.

 

 

Once infected with the ransomware, victims are directed to a web page on the dark web, which demands they pay 0.05 bitcoin (roughly $285 USD) to get their files back. Many victims were forced to buy back the information on their computers and the necessary programming for the computer to run.

After a computer on a network is infected, Bad Rabbit can quickly and covertly spread through an organization without being detected. Although the ransomware has been detected in several countries, it appears to be concentrated in organizations in Russia and Ukraine.

The name Bad Rabbit was given to this malware because of the header mentioned on the ransom site. However, the actual name of Bad Rabbit is Diskcoder.d.

 

Share your thoughts!

Exit mobile version