Writing about ransomware is starting to feel like a full-time job and unfortunately only days after my latest ransomware piece, I find it necessary to warn you, once again about the latest threat. BadRabbit ransomware attacks started on October 24th and are currently ongoing. At the time of writing, attacks have so far taken place in Russia, Ukraine, Germany, Turkey and Japan and is likely to spread. Security experts have likened it to the recent WannaCry and Petya attacks.
This attack appears to be hitting devices in what is known as drive-by attacks. While visiting a legitimate website you may be met with a pop up suggesting that you need to download a necessary Adobe Flash Update. Do not, under any circumstances click on any part of this pop up. Just exit and navigate away from the page.
Ransomware payment is typically demanded in Bitcoins, with BadRabbit supposedly set at $280. This may seem a small price to pay to unlock your encrypted files however, IT.ie and leading security experts worldwide would strongly advise against making payment. There is no guarantee that you will have your files unlocked and you are more likely to fall victim again. The best way to ensure data continuity is to employ a reliable and secure online data backup service.
BadRabbit has already caused travel delays in the effected countries by targeting critical infrastructure. The malware attacks are disturbing because attackers quickly infected critical infrastructure, including transportation operators, indicating it was a "well-coordinated" campaign, said Robert Lipovsky, a researcher with cyber firm ESET. ESET also reports that their products detect and block the treat as Win32/Diskcoder.D.
SonicWall have also stated that their Capture Advanced Threat Protection (ATP) will stop the attack. Further information from SonicWall Here.
It’s great news that our partners ESET and SonicWall are having success against this latest threat but you shouldn’t become complacent. Infections only happen if you carry out an action, so don’t become complacent and if in doubt, Don’t Click.
Please read my piece of “Cyber Security – Top Tips” to keep you protected from any number of cyber threats.
John Grennan IT.ie