Typetec

Search

Bad Rabbit – Ransomware Attack Update

Another day, another deadly ransomware attack. Dubbed ‘Bad Rabbit’, it quickly made it’s way across Russia and Eastern Europe this week. Making it the third major ransomware attack this year.

Here’s what we know about the attack so far and how you can stop from getting infected, and what to do if you get attacked:

What is Bad Rabbit?

It’s a ransomware attack, i.e. a virus that infects your computer and holds your files and data ransom until a certain amount of money is paid. Bad Rabbit is accessing devices through a fake Adobe Flash Player installation from hacked websites.

Where did it come from:

The ransomware attack first made an appearance on Tuesday starting in Russia and moving across to the Ukraine, Turkey, Poland and then Germany.

What does it look like:

Bad Rabbit

This image above will appear on your screen if you are infected. You will then be directed to a Tor payment page and are presented with a countdown timer. You are threatened with each time the countdown reaches zero and the payment isn’t made the amount increases.

Bad Rabbit

This looks familiar.. why?

If this ransom note looks familiar then you may be aware of the last global ransomware attack, Petya. With over 60% of the code being identical in both attacks. Like Petya, this virus can spread across an infected network once one device installs the update.

What can I do to stop the attack?

Never download all install any updates you’re not sure of. If you are a managed customer of Typetec’s and you need to update applications we can push this out automatically through our management agents and systems. Typetec work with leading security providers like Webroot, who replaces traditional reactive antivirus with a proactive real-time endpoint monitoring and threat intelligence approach, defending each endpoint individually while gathering, analyzing, and propagating threat data collectively.

Helping prevent ransomware

  • Don’t interact with spam email. By clicking links or opening suspicious attachments, you could be inviting ransomware, or other malware, onto your computer. Just delete spam immediately without opening it.

 

  • Avoid suspicious sites and downloads. Websites that illegally promise free software, music and movies are often baited to lure in unsuspecting victims. This plays into the theme of the ransomware pretending to originate from law enforcement. If you have teens in your home, who often like to visit such dubious sites, make them aware of this malware danger.

 

  • Arm your PC with strong, up-to-date security software. The right protection will recognize dangerous sites, downloads, and spam—stopping the ransomware dead in its digital tracks before it can install itself. Make sure your protection stays current though, or it won’t be able to recognize new threats.

 

  • Backup your files often.  as in most cases when ransomware hits, it is difficult to remove. Even if you do successfully remove the malware, your files may still remain inaccessible.

 

  • Keep your OS updated.  malware like this finds ‘vulnerabilities’ or weak spots in your system if it hasn’t been updated in a while

Check out our WannaCry article to find out more about avoiding ransomware attacks.

If you’d like to learn more about our security managed services or even book in your team to get in-depth training on how to avoid a ransomware attack and other viruses please get in contact. You can call our expert team on 015009001 or email sales@typetec.ie.