Bad Rabbit Ransomware Speading Rapidly
A major ransomware attack is hitting computers.
The latest strain of ransomware “Bad Rabbit” began spreading across Russia and Ukraine this week and there have also been various reports of “Bad Rabbit” infections in Turkey, Bulgaria, Japan, Germany, Poland, South Korea and the United States.
The Bad Rabbit ransomware enters networks when a user runs a phony Adobe Flash Player installer posted on a hacked website. Once “Bad Rabbit” Ransomware has infected its first machine within a network, it then uses an opensource tool to find any login credentials stored on the machine, so it can spread to other machines.
After the virus has spread as much as it can on the network, BadRabbit encrypts all files and posts a ransom note instructing the victim to pay 0.05 Bitcoin (about €235/$280/£213) to a specific Bitcoin wallet to decrypt the files.
How can you stop becoming the next victim:
Disable Adobe Flash Player and ignore installer prompts.
Send a broadcast email to all your users to advise the same.
Although not in this case, email tends to be one of the main infection methods, so be wary of unexpected emails especially if they contain links and/or attachments.
Back up any important data, this reduces the leverage the hackers have over their victim by encrypting valuable files and making them inaccessible.
I Repair Your Computer asks that you check your backup to make sure it is up to date. Once confirmed disconnect from your PC and keep it safe in case of an attack.