CybersecurityBad Rabbit

A recent version of ransomware known as Bad Rabbit is attacking businesses around the world. Impacted users picked up the malware from hacked news and media websites. The malware recommends website visitors download a phony Adobe Flash update. As soon as the person installs this fake update, the ransomware will encrypt data on the device and extort victims in exchange for the decryption key.

Businesses in Ukraine and Russia were among the first to experience a Bad Rabbit attack. However, the ransomware attack spread to users in the United States and Europe.

How do Bad Rabbit attacks work?

  1. The victim visits a hacked news or media site and sees a fake pop-up notice to update Adobe Flash.
  2. The victim clicks on the pop-up to launch a download and installation of an Adobe Flash update coded with Bad Rabbit.
  3. Bad Rabbit will then encrypt documents, video, and audio files on Windows devices.
  4. When the victim reboots the device, a ransom note will appear informing victims their files are no longer accessible, and they will need to pay to regain access.
  5. The ransom note will then instruct victims to go to a web address that ends with .onion. The website will require users to pay $276 in bitcoins in exchange for the data.
  6. In the meantime, the malware will scan the device for saved login information and spread it to other computers on the network.

How can you avoid ransomware attacks?

  • Scan your devices with anti-malware software regularly. This software can identify and prevent ransomware installation attempts.
  • Run backups of your device at a data center and to the cloud. If you experience a ransomware attack, we can prevent data loss by wiping the device and restoring the latest working version of your data.
  • Keep your operating system software up to date. If a Windows device uses version 7 or older, you must upgrade to Windows 10 or 11. Also, install patches as soon as they become available.
  • Do not give employees access to network drives if they are not pertinent to their work responsibilities.
  • Disable Flash on your computer if you are not using it. Flash is a popular application for cybercriminals to deliver malware because it is full of security holes. As a result, Adobe stopped updating and distributing the software in 2020. If you must use Flash, install updates by going directly to Adobe’s website at this link: https://get.adobe.com/flashplayer.
  • If you still use a website built with Flash, hire a web developer to create a brand-new website coded in HTML5. Cybercriminals can take control of a Flash-based website and use it as part of their malware distribution network. This may cause Google and anti-virus software to tag the website as dangerous to visit. Plus, Apple and newer Android mobile devices do not support Flash software. Therefore, these visitors will not be able to see your website.
  • If you experience an attack from Bad Rabbit or any other malware strain, disconnect your device from the internet and contact SwiftTech Solutions immediately. Also, you can file a complaint with the Internet Crime Complaint Center (IC3) at https://www.ic3.gov/.

Thankfully, there are now more cybersecurity tools available that provide multiple levels of protection against ransomware attacks. We can safeguard your business against Bad Rabbit and other malware variants with our Security as a Service.

What does our Security as a Service include?

  • Ransomware Protection
  • Enterprise Anti-Virus & Anti-Malware
  • Web Security
  • Email Security
  • Intrusion Prevention, Detection, & Protection Management
  • Security Monitoring

If you’re interested in subscribing to our Security as a Service, please contact SwiftTech Solutions at 877-794-3811.