A new widespread ransomware attack called Bad Rabbit is spreading rapidly throughout Europe and has already affected over 200 major organizations, mainly in Russia, Ukraine, Turkey and Germany.
The "Bad Rabbit”(Translated as bad rabbit), behaves like Petya, targeting ransomware attacks against corporate networks, requiring 0.05 bitcoin casualties (about $ 285 dollars) as ransom to unlock their systems.
According to a first analysis provided by Kaspersky, ransomware was distributed through a drive, using a fake version of Adobe Flash Player to drive its victims into installing malicious software.
However, ESET security researchers have been detected Bad Rabbit as "Win32 / Diskcoder.D", a new variant of Petya ransomware, also known as Petrwrap, NotPetya, exPetr and GoldenEye.
Bad Rabbit ransomware uses DiskCryptor, an open source λογισμικό κρυπτογράφησης ολόκληρου του σκληρού δίσκου, για να κρυπτογραφήσει τα αρχεία των μολυσμένων υπολογιστών με wrenches RSA 2048.
In the ransom note that leaves the ransomware, as you can see in the photo, it asks the victims to log in to a Tor website to make the payment. The message displays a countdown of 40 hours before the ransom price rises.
Hitherto affected organizations include the Russian news agencies Interfax and Fontanka, payment systems in the Kiev subway, Odessa International Airport and the Ministry of Infrastructure of Ukraine.
Researchers continue Bad Rabbit's analysis looking for a way to decipher computers without paying ransom but also how to stop further spreading.
Kaspersky proposes to disable WMI to prevent the spread of malicious software over your network.
Most ransomware attacks are done via Phishing emails, malicious advertisements on websites and through third-party applications. So, you should always be careful when opening unknown documents sent via an email or clicking on links within those documents.
Also, never download any third-party apps without reading the reviews.
We would suggest reading reviews even before installing apps from official stores. Always have one backup των δεδομένων σας, μέσω μίας ρουτίνας που θα είναι ρυθμισμένη να δημιουργεί αντίγραφά σε μια εξωτερική συσκευή αποθήκευσης, που δεν είναι πάντα συνδεδεμένη με τον υπολογιστή σας. Και φυσικά, βεβαιωθείτε ότι τρέχετε ένα καλό, ενημερωμένο και αποτελεσματικό πρόγραμμα security antivirus on your system.
