Another major ransomware attack is spreading across the Internet infecting thousands of computers.
Initially hitting both Russia and the Ukraine, the ransomware is spreading to Europe and beyond.
Quick recap for the uninitiated; ransomware is a type of malware that encrypts files on your computer, rendering them useless without a decryption key. That decryption key comes at a price, usually paid via BitCoin on the Dark Web. Our full article on ransomware is here.
A number of popular strains of ransomware have hit both personal users and businesses over the last few years with some of the most high profile attacks occurring in 2017 including the notorious WannaCry attacks.
The Bad Rabbit ransomware strain seems to be related to the NotPetya attacks that also spread in 2017. What make ransomware successful is not only the way it encrypts files when it infects a device, but also how it spreads.
Bad Rabbit initially infected computers by using the popular modus operandi of fake Flash updates, tricking users into infecting their own computers believing they were updating Flash. However the ransomware strain can also potentially travel across computer networks by using a library of “bad” (i.e. commonly used) network usernames and passwords to give itself authority to spread.
As usual, we never recommend paying the ransom if you do get infected. There is no guarantee you’ll get your decryption key, and you’re only giving these criminals further motivation to continue with these sorts of attacks.
To protect yourself from ransomware…
1. Be careful installing updates – in this case especially Flash updates – and remember that even if it looks legitimate, it doesn’t mean it is. Don’t click on update pop-ups when browsing other websites – get the update from Adobe’s website directly or let your computer update Flash automatically (or better yet, get rid of Flash!)
2. Don’t open email attachments unless you were explicitly expecting them.
3. Keep your security software up-to-date and run regular antivirus scans.
4. Keep your software updated to prevent this type of malware exploiting vulnerabilities to spread.