A new widespread ransomware attack called Bad Rabbit is spreading rapidly throughout Europe and has already affected over 200 major organizations, mainly in Russia, Ukraine, Turkey and Germany.
The "Bad Rabbit”(Translated as bad rabbit), behaves like Petya, targeting ransomware attacks against corporate networks, requiring 0.05 bitcoin casualties (about $ 285 dollars) as ransom to unlock their systems.
According to an initial analysis provided by Kaspersky, the ransomware was distributed via a drive, using a fake installation version of Adobe Flash Player to trick its victims into installing malicioussoftware.
However, ESET security researchers have been detected Bad Rabbit as "Win32 / Diskcoder.D", a new variant of Petya ransomware, also known as Petrwrap, NotPetya, exPetr and GoldenEye.
Bad Rabbit ransomware uses DiskCryptor, an open source encryption software for the entire hard drive, to encrypt the infected computer files with RSA 2048 keys.
In the ransom note left by the ransomware, as you can see in the picture, it asks victims to log into a Tor website to do the payment. The message shows a 40-hour countdown before the ransom price goes up.
Hitherto affected organizations include the Russian news agencies Interfax and Fontanka, payment systems in the Kiev subway, Odessa International Airport and the Ministry of Infrastructure of Ukraine.
Researchers continue Bad Rabbit's analysis looking for a way to decipher computers without paying ransom but also how to stop further spreading.
Kaspersky proposes to disable WMI to prevent the spread of malicious software over your network.
Most ransomware attacks are done via phishing emails, κακόβουλων διαφημίσεων σε websites και μέσω εφαρμογές τρίτων. Έτσι, θα πρέπει πάντα να είστε προσεκτικοί όταν ανοίγετε έγγραφα αγνώστων που αποστέλλονται μέσω ενός μηνύματος ηλεκτρονικού ταχυδρομείου ή όταν κάνετε click to links within these documents.
Also, never download any third-party apps without reading the reviews.
We would suggest you read the comments even before installing apps from official stores. Always have a backup of your data through a routine that is set to copy to an external storage device that is not always connected to your computer. And of course, make sure you run a good, up-to-date and effective anti-virus program on your system.
