Bad Rabbit: Ransomware on the rise
Bad Rabbit is the recent ransomware attack that took a few countries by surprise. It is typically a drive-by attack that prompts users to download fake software, which then damages the system.
Ransomware is a type of malware that disrupts your systems by encrypting the data on your computers. The usual motive behind such attacks is monetary gain. An attacker targets a system and, upon gaining access to it, locks it down and demands payment for unlocking it. The money is demanded from the owner of the system in the form of cryptocurrency, to conceal the identity of the hackers. Bad Rabbit is one such ransomware and has been in the news recently. Other kinds of ransomware that have wreaked havoc in the past include WannaCry and Petya.
What is Bad Rabbit ransomware?
This ransomware spreads through a drive-by attack that prompts users to install a disguised Adobe Flash Player. Bad Rabbit usually starts when it is manually installed onto the system in the guise of Adobe Flash Player. While being downloaded, the malware focuses on decrypting all the files in the system, and as a result, the owner can no longer access his files.
When the user tries to restart her computer, she is shown a command prompt note stating that her system has been compromised and the data that was stored has been decrypted. Furthermore, the attackers demand a ransom from the victims, currently around 0.05 bitcoin, which amounts to approximately $280. The attackers give users a link to an onion website where they can get the link to deposit the amount. All this is done to ensure that the hacker’s identity is not revealed and the ransom still reaches him.
Although Bad Rabbit has not spread widely yet, with the majority of incidents recorded in Russia and Ukraine, it is on the rise. Even though the source of the attack has not yet been traced, it is said to be linked to Petya, as the two ransomware families share many similarities in their modus operandi.
Are there any countermeasures for Bad Rabbit?
As the reach of Bad Rabbit is still limited, countermeasures for it have not been discovered yet. However, there are certain preventive measures that can help an organization secure its files and information.
An organization must ensure that its antivirus systems are up to date, as this software can detect any or all of the malware that has entered a system. Avoiding downloads of Adobe Flash updates will surely help one stay clear of the wrath of Bad Rabbit ransomware. Backing up data from time to time always helps. There are various ways of backing up data.
As Bad Rabbit is a new ransomware and has not yet achieved widespread reach, researchers have begun extensive investigations into instances where people have been attacked by it. How countermeasures are developed for such an advanced attack is something interesting to wait and watch out for.
IT Professional
6 years ago
Encrypts your files, not decrypts them *face palm*
--
6 years ago
Well Treat
CHIEF SECURITY OFFICER | Q. SECRET SERVICE
6 years ago
The information is ENcrypted by the criminal and held hostage for a DEcryption key.