Bad Rabbit Ransomware: Beware of Fake Flash Updates

 

A new version of ransomware known as Bad Rabbit is attacking businesses around the world. Impacted users picked up the malware from hacked news and media websites. The malware prompts website visitors to download a phony Adobe Flash update. As soon as the person installs this fake update, the ransomware will encrypt data on the device and demand payment from the victim in exchange for the decryption key.

Businesses in Ukraine and Russia were among the first to be attacked by Bad Rabbit. However, the attack also spread to users in the United States and Europe.

How it works:
1. The victim visits a hacked news or media site and sees a fake pop-up notice to update Adobe Flash.
2. The victim clicks on the pop-up to launch a download and installation of an Adobe Flash update coded with Bad Rabbit.
3. Bad Rabbit will then encrypt documents, video, and audio files on Windows devices.
4. When the victim reboots the device, a ransom note will appear informing them that their files are no longer accessible and that they’ll need to pay to regain access.
5. The ransom note will then instruct victims to go to a web address that ends with .onion. The website will require users to pay roughly $276 in bitcoins in exchange for the data.
6. In the meantime, the malware will scan the device for saved login information and spread to other computers on the network.

What to do:
• Scan your devices with anti-malware software on a regular basis. This software can identify and prevent ransomware installation attempts.
• Back up your device to a data center and to the cloud. If you are attacked by ransomware, we can prevent data loss by wiping the device and restoring the latest working version of your data.
• Keep your operating system software up to date. If a Windows device uses Vista or older, you must upgrade to Windows 10. Also, install patches as soon as they become available.
• Don’t give employees access to network drives if they are not pertinent to their work responsibilities.
• Disable Flash on your computer if you are not using it. Flash is a popular application for cybercriminals to deliver malware because it is full of security holes. As a result, Adobe will stop updating and distributing the software in 2020. If you must use Flash, install updates by going directly to Adobe’s website at this link: https://get.adobe.com/flashplayer.
• If you still use a website built with Flash, hire a web developer to create a brand-new website coded in HTML5. Cybercriminals can take control of a Flash-based website and use it as part of their malware distribution network. This may cause Google and anti-virus software to tag the website as dangerous to visit. Plus, Apple and newer Android mobile devices do not support Flash software. Therefore, these visitors will not be able to see your website.
• If you are attacked by Bad Rabbit or any other malware strain, disconnect your device from the internet and contact SwiftTech Solutions immediately. Also, you can file a complaint with the Internet Crime Complaint Center (IC3) at https://www.ic3.gov/.
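
For teams that keep web proxy logs, the pattern described above (a "Flash update" installer served by a site other than Adobe's) can be searched for directly. The following is an added example, not part of the original article; the log format, host names, file names and addresses are constructed, and accepting only HTTPS downloads from adobe.com hosts is an assumption.

```python
from urllib.parse import urlsplit

# Assumption: only Adobe-controlled hosts, reached over HTTPS, are accepted
# as a source of Flash installers (the article points to get.adobe.com).
OFFICIAL_SUFFIXES = ("adobe.com",)
INSTALLER_EXTS = (".exe", ".msi", ".dmg", ".pkg")

# Constructed proxy log lines: timestamp client method url status
SAMPLE_LOG = """\
2024-01-01T10:01:12Z 10.0.0.21 GET https://get.adobe.com/flashplayer/download/flashplayer_installer.exe 200
2024-01-01T10:03:40Z 10.0.0.37 GET http://news-site.example/static/flash_update.exe 200
2024-01-01T10:04:02Z 10.0.0.40 GET https://get.adobe.com.cdn-updates.example/flashplayer_installer.exe 200
2024-01-01T10:05:15Z 10.0.0.44 GET https://news-site.example/article/123.html 200
"""


def is_official_adobe_host(host):
    """True only for adobe.com itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in OFFICIAL_SUFFIXES)


def is_suspicious_flash_download(url):
    """Flag installer files named like Flash that do not come from Adobe."""
    parts = urlsplit(url)
    filename = parts.path.rsplit("/", 1)[-1].lower()
    if not ("flash" in filename and filename.endswith(INSTALLER_EXTS)):
        return False
    # parts.hostname ignores any "user@" prefix, so lookalike URLs such as
    # https://get.adobe.com@other.example/ resolve to the real host.
    return not (parts.scheme == "https" and is_official_adobe_host(parts.hostname))


def find_fake_flash_downloads(log_text):
    """Return (client, url) for each successful suspicious download."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed lines
        _ts, client, method, url, status = fields
        if method == "GET" and status == "200" and is_suspicious_flash_download(url):
            hits.append((client, url))
    return hits


if __name__ == "__main__":
    for client, url in find_fake_flash_downloads(SAMPLE_LOG):
        print(f"review {client}: {url}")
```

Any client listed in the output is a candidate for disconnection from the network and a malware scan.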

Thankfully, there are now more cybersecurity tools available that provide multiple levels of protection against ransomware attacks. We can safeguard your business against Bad Rabbit and other malware variants with our Security as a Service:
• Ransomware Protection
• Enterprise Anti-Virus & Anti-Malware
• Web Security
• Email Security
• Intrusion Prevention, Detection, & Protection Management
• Security Monitoring

If you're interested in subscribing to our Security as a Service, please contact SwiftTech Solutions at 877-794-3811.

 
