Security Threats caused by “Bad Rabbit” Ransomware
A new strain of ransomware nicknamed “Bad Rabbit” has been found spreading in Russia, Ukraine, Turkey and Germany. The malware has affected systems at three Russian websites, an airport in Ukraine and an underground railway in the capital city, Kiev.
The malware is still undetected by the majority of anti-virus programs, according to analysis by virus checking site Virus Total. Many security firms have said that the malware was distributed via a bogus Adobe Flash update.
“Bad Rabbit” encrypts the contents of a computer and asks for a payment – in this case 0.05 Bitcoins, or about $280 (£213).
Information loss, service disruption and integrity of information compromised.
“Bad Rabbit” primarily spreads via drive-by downloads through infected websites. Visitors to the compromised websites are told to install a Flash Player update. Instead of a Flash Player update, the malware is dropped on the victim devices. Once installed, “Bad Rabbit” can spread laterally through the network, propagating further without user interaction.
Regards to Flash Adobe update
- Update your critical assets with the latest security patches and/or updates;
- Do not click on unsolicited mails and links with/without attachments;
- Ensure that anti-virus/anti-malware signatures are up to date and functioning;
- Do not pay the ransom to the perpetrators;
- Do not install any suspicious Adobe Flash update especially via email link;