Bad Rabbit is a new type of Ransomware taking over computers across various European countries. It’s locking victim system by encrypting data and demanding money from them, but security experts are warning people not to pay up.
How it works?
Bad Rabbit ransomware spreads through “drive-by attacks” which means a user visit an infected website and the ransomware automatically gets downloaded or provokes the user to download a spoofed application. Even though the target is visiting a legitimate website, a malware dropper is being downloaded from the threat actor’s infrastructure. The malware is also disguised as an Adobe Flash installer. When user clicks on the file it starts locking the infected computer. The malware isn’t installed automatically, which means it has to be clicked on to work. Once the ransomware has encrypted all files a note and payment page demands around $280 in Bitcoin and gives a 40-hour deadline for payments to be made.
Dheeraj Kumar 