Virus Alert! Bad Rabbit Ransomware Hits Computers Worldwide

There is a new ransomware attack that is spreading across Europe and into other countries around the world. This new cyber-attack, known as 'Bad Rabbit', disguises itself as an Adobe Flash Update in order to convince online users into downloading it. Once downloaded and installed, the ransomware quickly hijacks the victims' computers, encrypts their personal files and data (make them unreadable), and demands a ransom payment in order to decrypt or make them readable again.

Virus Alert! Bad Rabbit Ransomware Hits Computers Worldwide

The "Bad Rabbit" Ransomware

Bad Rabbit Ransomware

What is a Ransomware?

Ransomware is a type of malicious software that threatens to publish the victim's data or block access to it unless a ransom is paid.

How Bad Rabbit Infects Computers?

Bad Rabbit mainly spreads or infect computers via drive-by downloads on hacked websites. This technique involves cybercriminals tricking online users into visiting a malicious website, usually one that has been hacked, and tells the online users they need to install a Flash Update. But, any attempts to install the fake and malicious Flash Update will result in the online users' computers getting infected.

Remember, only install Flash Updates on Adobe's website at the following link:

Never install Flash Updates on your computer from websites that claim you need to do so because your Flash Player is outdated or you need it to watch a video or play a game.

Bad Rabbit comes with a potent trick up its sleeve in that it contains an SMB component which allows it to move laterally across an infected network and propagate or spread without user interaction. Kaspersky Lab, a cybersecurity and anti-virus provider, says users can block the execution of the following files in order to prevent infection:

  • "C:\windows\infpub.dat"
  • "C:\windows\cscc.dat"
Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Note: Some of the information in samples on this website may have been impersonated or spoofed.
Was this article helpful?  +
Share this with others:

Comments, Questions, Answers, or Reviews

Comments (Total: 5)

To protect your privacy, please remove sensitive information from your comments, questions, or reviews. We will use your IP address to display your approximate location to other users when you make a post. That location is not enough to find you.

Your post will be set as anonymous because you are not signed in. An anonymous post cannot be edited or deleted, therefore, review it carefully before posting. Sign-in.

The comments, reviews or answers below do not necessarily reflect the views of Online Threat Alerts (OTA).

  • October 25, 2017 at 7:18 PM by an anonymous user from: Syracuse, New York, United States

    So where do you go to get protection from this?

    • October 25, 2017 at 7:31 PM by info

      Just ensure your antivirus is up to date, and do not download and install software from unfamiliar or untrusted websites.

  • October 25, 2017 at 6:15 PM by an anonymous user from: Hazleton, Pennsylvania, United States

    It was me before, about the WaPo.

    The download history showed this link:

    adobe_flash_setup_3881779722.exe Canceled

    hxxp:// VNtAIdekpagLpJEe

    People say that if you don't run the executable, nothing will happen. But if this thing started to download itself without me asking, maybe it can also execute itself afterward -?

    • October 26, 2017 at 5:18 AM by info

      In some web browsers a file will download automatically to the Download folder. There is a setting to change that. But, the downloaded file cannot execute itself.

  • October 25, 2017 at 5:40 PM by an anonymous user from: Hazleton, Pennsylvania, United States

    I was just reading WaPo, the comments section on an article about Clinton, when my laptop almost got infected. There is a button, at the comment section, which is supposed to show comments in either ascending or descending order. Except that this time nothing was happening, when I clicked it. I clicked it again a couple of times - and suddenly saw the download bar at the bottom of the screen displaying "adobe_flash_setup...exe" (!)

    I hit 'cancel' and disconnected the Wifi.

    Again, that was WaPo, at around 6:20 PM NY time.

    I read comment sections in WaPo earlier today without problems. I think it's the software that handles comments what is compromised. The Russian media outlets, apparently, were "spreading the virus" to their readers in the same manner. Now it's WaPo. I don't know how to alert them - maybe you can.

Comments Show More Comments (4)

Write Your Comment, Question, Answer, or Review

Virus Alert! Bad Rabbit Ransomware Hits Computers Worldwide