Bad Rabbit is a form of ransomware that is now being reported across Europe, Asia and the Americas, having started spreading in Russia and Ukraine earlier this week.
The ransomware gains entry into networks when users attempt to install fake Adobe Flash Player software posted on a hacked website.
GCHQ has issued warnings about the Bad Rabbit cyber attack, stating that the malware contains references to Game of Thrones. This malware outbreak comes hard on the heels of the WannaCry and NotPetya ransomware outbreaks.
Having infected a single computer on a network, Bad Rabbit then seeks out login credentials stored on infected machine allowing it to spread laterally across the network on to other computers. It then encrypts all files on the infected computers and issues a ransom demand instructing victims to pay 0.05 Bitcoin (about €235/$280/£213).
The payment page tells victims to pay with 40 hours or face the ransom fee increasing.
Our advice on preventing infection is as follows:
- Disable Adobe Flash Player and ignore update installer prompts
- Email your network users advising them to do the same
- Be wary of unexpected emails that include links or attachments
- Ensure your backups are up to date so that encrypted files can be retrieved
For more information contact Alliance Solutions on 0800 292 2100 about malware prevention and remediation.