Bad Rabbit Ransomware: What is it and what does it do?

Bad Rabbit Ransomware

Bad Rabbit Ransomware: What is it and what does it do?

720 405 Guest Author

Everything you need to know about the new threat.

On Tuesday morning, less than one week ago today, a new string of ransomware hit Russia, the Ukraine, and other surrounding areas in Europe. Believed to be tied to the authors who created the ransomware NotPetya that had a global outbreak less than six months ago, the newly titled “Bad Rabbit” ransomware is already at work infiltrating businesses.

What Is Bad Rabbit?

Bad Rabbit ransomware is a new string of malware that targets machines and freezes and encrypts their data. The malware then demands that users pay 250£ to retrieve their data before the time runs out.

Users who are hit by this malware will see a screen that prompts them to make payment in order to recover their files, and tells them not to “waste your time” looking for ways to recover the files without payment. The message looks like this:

Bad Rabbit Ransomware 2

How Is Bad Rabbit Spread?

The Bad Rabbit ransomware is distributed by using drive-by attacks, a method which usually doesn’t require any action of the user besides visiting an infected website. In the case of Bad Rabbit, the malware appeared to users as a disguised Adobe Flash Player update. Once installed on machines, the malware automatically infected it and locked the user from their data.

More on the Attack

According to researchers at Russia’s cybersecurity lab, Kaspersky, there have been over 200 victims of Black Rabbit already, and it’s expected to rise. The attack was believed to be initially spread by users visiting infected Russian Media sites where they were prompted to download an update for a new Flash Player. And, according to the Russian government, it was believed to be a targeted attack. But, as previously mentioned, Bad Rabbit has now showed up in various countries.

How to Stay Protected

Although the Bad Rabbit ransomware is currently tied directly to Eastern Europe, that doesn’t mean that we should rest easy. Vulnerabilities are everywhere as well as the cyber criminals looking to make money off of those vulnerabilities in question.

So how can your business stay protected? Always ensure that you have the highest level of protection that you can. Do you have a firewall? Is your firewall up-to-date? Is it renewed? Do you have malware and ransomware monitoring tools? Are they up-to-date? Are you keeping yours and your employees’ machines up-to-date by automatically forcing patches as soon as they are available? And further, are you training your employees quarterly on new cybercrime developments and how to protect against them?

These are all things that you can actively do to protect yourself and your business. Black Rabbit may or may not spread globally like its relative NotPetya, but the simple fact still remains,

“There are new and dangerous strings of ransomware every sing day.”

Are you prepared for them if they happen?

Looking for a technology team to help improve your security protection plan? zbrella Technology Consulting can build custom built cybersecurity platforms and make high-level security decisions that best suit your needs to protect you from all the latest threats. Call us today at 800.750.4296 or email us at sales@zbrella.com.

About Zbrella

At ZBRELLA, we don’t believe in the word “can’t.” We look at the world through a lens of innovation, creation, and imagination, and our team is a bunch of geniuses who reflect that belief system. Like what we have to say? Inspired by our blog? There’s more where that comes from. We can do just about anything, because we never stop at ZBRELLA. Drop us a line if you want us to cover an event, are interested in cross-blogging with us, or just want to shoot the breeze. Don’t be a stranger, get in touch! Read More

Contact Us