The latest ransomware threat to hit the scene this month might look familiar to those who are acquainted with the WannaCry and Petya outbreaks earlier this year. This most recent malware iteration has been quaintly dubbed Bad Rabbit. So what do you need to know about our vicious furry friend and how to avoid him?
The attacks have so far focused on European countries, predominantly hitting Russian and Ukrainian organisations. Infiltrating Kiev’s Metro system in Ukraine as well as Russia’s news agency Interfax. There have also been several instances in Germany and Turkey. Russia, however, has so far been hit the most. It has been claimed it may be possible to recover data without paying the ransom of 0.05 bitcoins (£232), which has led some to speculate that the attack is not purely financially motivated.
Read on to find out everything you need to know about this latest ransomware threat. What it is, how it operates, and how you can protect yourself from it.
What is Bad Rabbit & how does it work?
Disguised as an Adobe Flash update, users can unknowingly come into contact with Bad Rabbit when visiting compromised websites. A dialogue box will pop up and if the user agrees to the ‘update’ and clicks to install it, the malware is then able to get onto the system.
Amusingly the orchestrators behind this attack appear to be avid fans of Game of Thrones; referencing character names in the code, including two of the dragons from the popular series. They also make other references to popular culture including the 1995 movie Hackers.
There haven’t yet been any incidences of a UK business being attacked, however, the National Cyber Security Council (NCSC) is monitoring the situation and encourages organisations to be vigilant.
Recap: How can it affect you?
– Holds you hostage
– Encrypts the user’s computer and asks for a payment for decryption
– As with all types of ransomware leading industry bodies do not recommend paying ransoms for decryption, as this only encourages further incidents and does not guarantee you will get your data back
What should you do to protect yourself?
Act pre-emptively. Although there have been no attacks in the UK as of yet, you can protect yourself from vulnerability to Bad Rabbit by making sure your antivirus software has been updated to recognize the malware. Some are reported to have been updated, so it’s worth checking yours. Alternatively, you can create a file which should stop the malware from being able to encrypt your system. ZDNet recommends using this execution: ‘c: \ windows \ infpub.dat, C: \ Windows \ cscc.dat.’
For further information on how to protect yourself from ransomware attacks read our blog post on the 6 Ways to Prevent a Ransomware Infection from Crippling Your Business