Virus Alert! Bad Rabbit Ransomware Hits Computers Worldwide

Virus Alert! Bad Rabbit Ransomware Hits Computers Worldwide

Would you share this Article with others?

There is a new ransomware attack that is spreading across Europe and into other countries around the world. This new cyber-attack, known as 'Bad Rabbit', disguises itself as an Adobe Flash Update in order to convince online users into downloading it. Once downloaded and installed, the ransomware quickly hijacks the victims' computers, encrypts their personal files and data (make them unreadable), and demands a ransom payment in order to decrypt or make them readable again.

The "Bad Rabbit" Ransomware

Bad Rabbit Ransomware

What is a Ransomware?

Ransomware is a type of malicious software that threatens to publish the victim's data or block access to it unless a ransom is paid.

How Bad Rabbit Infects Computers?

Bad Rabbit mainly spreads or infect computers via drive-by downloads on hacked websites. This technique involves cybercriminals tricking online users into visiting a malicious website, usually one that has been hacked, and tells the online users they need to install a Flash Update. But, any attempts to install the fake and malicious Flash Update will result in the online users' computers getting infected.

Remember, only install Flash Updates on Adobe's website at the following link:

Never install Flash Updates on your computer from websites that claim you need to do so because your Flash Player is outdated or you need it to watch a video or play a game.

Bad Rabbit comes with a potent trick up its sleeve in that it contains an SMB component which allows it to move laterally across an infected network and propagate or spread without user interaction. Kaspersky Lab, a cybersecurity and anti-virus provider, says users can block the execution of the following files in order to prevent infection:

  • "C:\windows\infpub.dat"
  • "C:\windows\cscc.dat"

Note: Some of the names, addresses, email addresses, telephone numbers or other information in samples on this website may have been impersonated or spoofed.

Please share what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Also, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.

If you want to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts (OTA) by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews
(Total: 5)

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

The comments or reviews below do not necessarily reflect the views of Online Threat Alerts.

  • October 25, 2017 at 7:18 PM by an anonymous user from Atlanta, Georgia, United States

    So where do you go to get protection from this?


    • October 25, 2017 at 7:31 PM by info

      Just ensure your antivirus is up to date, and do not download and install software from unfamiliar or untrusted websites.


  • October 25, 2017 at 6:15 PM by an anonymous user from Hazleton, Pennsylvania, United States

    It was me before, about the WaPo.

    The download history showed this link:

    adobe_flash_setup_3881779722.exe Canceled

    hxxp://www.applicationsoftwareapplication.com/ VNtAIdekpagLpJEe

    People say that if you don't run the executable, nothing will happen. But if this thing started to download itself without me asking, maybe it can also execute itself afterward -?


    • October 26, 2017 at 5:18 AM by info

      In some web browsers a file will download automatically to the Download folder. There is a setting to change that. But, the downloaded file cannot execute itself.


  • October 25, 2017 at 5:40 PM by an anonymous user from Hazleton, Pennsylvania, United States

    I was just reading WaPo, the comments section on an article about Clinton, when my laptop almost got infected. There is a button, at the comment section, which is supposed to show comments in either ascending or descending order. Except that this time nothing was happening, when I clicked it. I clicked it again a couple of times -- and suddenly saw the download bar at the bottom of the screen displaying "adobe_flash_setup...exe" (!!)

    I hit 'cancel' and disconnected the Wifi.

    Again, that was WaPo, at around 6:20 PM NY time.

    I read comment sections in WaPo earlier today without problems. I think it's the software that handles comments what is compromised. The Russian media outlets, apparently, were "spreading the virus" to their readers in the same manner. Now it's WaPo. I don't know how to alert them -- maybe you can.


 Show More Comments (5)
Write Your Comment, Question, Answer, or Review
Write your comment, question, answer, or review in the box below to share what you know or to get answers. NB: We will use your IP address to display your approximate location to other users.
Your comment, question, answer, or review will be posted as an anonymous user because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

Virus Alert! Bad Rabbit Ransomware Hits Computers Worldwide