A new ransomware spreading like wildfire has struck Ukraine, Russia , Germany, Turkey and other parts of Europe affecting over 200 organizations within a few hours.
Dubbed "Bad Rabbit", the malware which has a number of similarities to Petya demands 0.05 bitcoin (about $285) as ransom from victims to unclock their systems
According to Kaspersky lab, the ranswomware was distributed via fake Adobe Flash player installer to lure victims to install the malware.
"No exploits were used, so the victim would have to manually execute the malware dropper, ehich pretends to be an Adobe Flash installer. We've detected a number of compromised websites, all of which news or media websites." Kaspersky Lab said.
Researchers at ESET security and other security firms says the Bad rabbit distribution was via fake Flash Player updates, but some also believes that the ransomware leverages the Mimikatz post-exploitation tool to extract credentials from the compromised system.
Those hit by the Bad Rabbit ransomware attack includes Russian media outlets Interfax and Fontanka, the Kiev subway, the airport in Odessa, the State Aviation Service and the Ministry of Infrastructure in Ukraine.
Affected users would see a ransom note on their screen, asking them to log into a Tor onion website to make the payment. However, the screen also displays a 40 hour count down of which if the user fails to pay within that time, the ransom will increase.
While security researchers are still looking for a solution to this malware, i will advice every internet user to follow these little tips to stay safe.
Keep your anti-virus up to date!
Backup device to an external storage device in case something goes wrong
Beware of third party applications and do not be in a haste to open any mail attachment sent to you, unless you are sure of the sender.
Beware of phishing mails! most phishing activities these days are sophisticated enough to make a computer geek fall for it.
There are many malicious adverts online today even on legitimate sites so beware on sites that you visits and what you click