en
Back to the list

Bad Rabbit, indeed: new cryptocurrency ransomware

25 October 2017 21:00, UTC

Unknown hackers attack computers and resources around the world again. This new virus is called BadRabbit, and first of all, if you want to efficiently protect their data from it, go to C:/Windows and create two files there – infpub.dat and cscc.dat, then make them read-only. Or ask someone who it better at Windows than you to do this. This has been confirmed to be an efficient vaccination by cyber experts.

Wallets mentioned in the hackers’ messages, according to Bitcoin wallet monitoring site, have had only three  transactions yet – while the virus demands 0.05 BTC and promises to raise fees in the future, these transactions are very little and almost certainly made by those who search for hackers as a test of some kind. The media previously stated there were no transactions on these wallets at all. Yet another hacker team puts the reputation of cryptocurrencies in jeopardy...

Russia, Ukraine, Turkey and Germany are the main countries where this virus has spread, with unconfirmed sightings in the United States. In case with Russia, even big media companies were attacked, including Interfax and Fontanka.

Thanks to the fact hackers use Bitcoin, we can at least deduce who felt for their promises of decryption (no one, it turns out, as people learned from WannaCry and other previous ransomware attacks that racketeers rarely fulfill their promises).

And yes, please check every Adobe Flash update file for viruses. BadRabbit authors chose fake Adobe Flash update executables as the primary means of infiltration to the system.