The Bad Rabbit Ransomware Attack
Following in the footsteps of WannaCry and NotPetya, a new ransomware attack has surfaced. First discovered last week, Bad Rabbit has infected hundreds of computer systems. While the vast majority of infected systems are located in Russia, a few instances of the malware have appeared in Germany, Ukraine, Bulgaria, and Turkey. Unfortunately, the source of the attack has yet to be identified. Researchers believe BadRabbit may have originated from the creators of NotPetya. Here’s everything we know about Bad Rabbit at this point.
What We Know About Bad Rabbit
One important thing that we know about Bad Rabbit is the way in which it spreads. To start, the malicious code is uploaded onto an insecure website (the majority of websites infected with the Bad Rabbit code were Russian domains). Once a victim arrives on one of these websites, they will be prompted to download an update for Adobe Flash. Opening this fake installer will infect the user’s computer with the Bad Rabbit malware. At this point, the system will be locked and a screen will appear demanding payment of .05 bitcoin (roughly $286). If the payment is not made within 40 hours, the cost will begin to rise.
Compared to WannaCry and NotPetya before it, this new ransomware attack is relatively small. Both of the previous attacks affected hundreds of thousands of devices (especially WannaCry which infected more than 200,000 in the span of two days). In this way, Bad Rabbit is far less severe, having infecting only a few hundred devices. That being said, the threat is still out there, which means devices are still at risk of infection.
However, this is some good news. A cybersecurity researcher discovered that the data locked by Bad Rabbit may be recoverable. So even if you’ve been infected by the Bad Rabbit malware, you may be able to retrieve your data.
Are ransomware attacks keeping you up at night? Are you doing anything in particular to protect yourself from them? If so, let us know in the comment section.