HomeNewsNew BadRabbit ransomware is wreaking havoc in Eastern European countries

New BadRabbit ransomware is wreaking havoc in Eastern European countries

According to ESET, anti-virus IT Security company, the Bad Rabbit follows similar attacks in May and June, infecting thousands of networks and eventually causing hundreds of millions of dollars in damages.

After WannaCry and Petya ransomware, it seems another web-based ransomware known as Bad Rabbit is wreaking havoc on the internet. The Computer Emergency Response Team (CERT) has alerted the users about the latest ransomware, which is spreading in parts of Russia and Ukraine, as well as countries such as Bulgaria, Turkey, Germany, Poland and South Korea.

According to ESET, anti-virus IT Security company, the Bad Rabbit follows similar attacks in May and June, infecting thousands of networks and eventually causing hundreds of millions of dollars in damages.

You Might Also Like

Further, ESET says Bad Rabbit is mostly distributed by drive-by download, where a Javascript is injected in a website’s HTML body file. And when someone visits the infected site, a pop-up saying Flash Player needs to be updated, this leads the victims into downloading and installing the malware themselves.

Other than this,Ukraine’s Ministry of Infrastructure and Kiev’s public transportation system were the initial targets of the Bad Rabbit ransomware. The ransomware also targeted Odessa International Airport and severalbig Russian media outlets with Interfax news agency and Fontanka.ru being the victim.

badrabbit_1.gif

Those who do not know, the Bad Rabbit scrambles the contents of a computer or server (associated network shares, both mapped and unmapped and removable media) and demands payment to unlock it usually by anonymous decentralized virtual currency known as Bitcoin. The hackers are demanding a ransom 0.05 Bitcoin, which roughly translates to Rs 18,071. Kaspersky Lab, said, “Victims download a fake Adobe Flash installer from infected websites and manually launch the .exe file, thus infecting themselves.”

Additionally, users can avoid becoming a victim themselves, one shouldregularly check if anti-virus is on and running, block the execution of filesc:windowsinfpub.dat and c:Windowscscc.dat. Further, if possibletry to disable WMI service, always backup your data and do not pay the ransom.

For the latest tech news and reviews, follow us on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

RELATED STORIES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News