Bad Rabbit Ransomware on the Prowl
In the opinion of Kaspersky Labs, the latest ransomware is derived from Petya, since its code resembles Petya's. While another ransomware, Locky, spreads its infection across computers through spam e-mail, Bad Rabbit's modus operandi is different. It relies on insecure websites, onto whose pages certain harmful PHP code is installed. People accessing those pages are directed to install a Flash Player that in reality conceals a malware resource on the Web. Once installed, the malware attempts to acquire elevated administrative rights and then adds a disk-encryption module that stops the infected computer from booting normally. Thus, when owners start up a contaminated system, they are diverted to a modified bootloader.
Computers in Russia accounted for 65% of the infected machines, while outside Russia the malware infected just 2.4%. Bad Rabbit contaminated devices via several compromised Russian media sites, with a message popping up asking victims to pay money to regain access to their files.
To stay protected, the fundamentals are running anti-virus software, thinking twice about unexpected e-mail attachments, keeping operating systems and application software up to date, and maintaining regular backups of files. Notably, the NoMoreRansom.org website provides tools for decrypting files encrypted with ransomware.
» SPAMfighter News - 03-11-2017