“Bad Rabbit” Ransomware – A Ploy by the USA?
A new ransomware attack spreads through Russia and Ukraine and into other countries around the world.
After accusing the Russians for the Wannacry ransomware attack, it is quite strange that a similar attack has taken place across Russia. Is it possible, that the US is retaliating with the Bad Rabbit ransomware?
According to reports from Cybersecurity experts, the ransomware deceives the user as an Adobe update before hijacking the systems and demanding money in exchange for the release of their computer systems. Russian media companies and Ukrainian transportation systems have suffered the most. There is also reported threat detection in other countries including the U.S, Germany, and Japan.
The U.S. Computer Emergency Readiness Team on Tuesday said:
“it has received multiple reports of ransomware infections … in many countries around the world.”
Being labeled as “Bad Rabbit,” the virus is the latest addition to the artillery of cybercriminals who are victimizing people across the globe for extortion money. This year already has seen two high-profile international attacks, NotPetya and Wannacry, which instigated widespread chaos upsetting businesses, government institutions, and hospitals.
After Bad Rabbit attacks a computer, it locks down files and demands a ransom. Experts and government agencies are instructing targets not to pay up, cautioning that it could just be a ploy and no guarantee of return of their valuables files and data.
It looks like there’s a potentially big ransomware outbreak called #BadRabbit spreading, possibly via SMB. I’m looking into it now.
— Beaumont Porg, Esq. (@GossiTheDog) October 24, 2017
— Joseph Cox (@josephfcox) October 24, 2017
#BadRabbit now detected in the U.S. We expect a growing number of detections in the hours ahead.
— Avast Software (@avast_antivirus) October 24, 2017
Tuesday saw the virus attack Russian media groups Interfax and Fontanka, and transportation targets in Ukraine including Odessa’s airport, Kiev’s subway and the country’s Ministry of Infrastructure of Ukraine. Interfax confirmed its servers had gone down due to a cyber attack.
Soon Bad Rabbit spread like wildfire across Ukraine, Turkey, and Germany. Cybersecurity firm ESET also detected cases of Bad Rabbit in Japan and Bulgaria. Another corporation, Avast, states the ransomware has been identified in the U.S., South Korea, and Poland.
The Bad Rabbit ransomware infected computers by posing as an Adobe Flash installer on compromised news and media websites. It serves as another reminder to people that they should avoid downloading apps and software from unknown sources and pop up advertisements.