A note to everyone out there customers and readers of our page, a new ransomware outbreak is starting to take hold. Our security partners have been posting information about the “Bad Rabbit” attack.
This particular attack is based upon users downloading and running fake Adobe Flash update, this type of attack is know as a drive-by attack as the user infects their own computer. If you get a notice from a website to update your Adobe Flash player please go to the adobe website www.adobe.com directly to avoid this type of infection. We have seen a lot of other malware attacks based upon this tactic and they are very effective.
The hacker’s behind this attack are using this ransomware locking to demand a payment of 0.05 Bitcoins, which equates to a payment of around £200.
Some of the websites being used to distribute this attack are note classed as malicious as they have been hacked to help spread the attack. This attack comes hard on the heals of the WannaCry and ExPetr (Petya or NotPetya), this type of attack is expected to increase of the coming years as it not old causes disruption but can make the hackers large sum’s of money.
It has also been found by some security company’s there are some similarities between the code used in the Bad Rabbit and the ExPetr, also some of the domains that were used to spread the attack in June are being used again for the latest Ransomware attack. Bad Rabbit is not classed as a wiper but a straight forward ransomware as it encrypts certain files and changes the bootloader allowing the hackers to unlock the system if payment is made.
We advise all our clients to make sure they check that their protection is kept up to date and if not running one of our recommended protection systems to get in touch as soon as possible to prevent infections.