Bad Rabbit ransomware is a new, improved form of malware attack that encrypts a target device and leaves specific instructions on how the user can recover the compromised system. In most cases, this is done through a bitcoin address where a specific amount can be deposited; the more time that elapses before the attackers receive the requested amount, the more money is charged to decrypt the target devices.
This form of attack was first experienced early this year in several countries, including the USA and Russia, among others, where the WannaCry attack affected several information systems and institutions. Recently, ransomware attacks bounced back with an attack on the HBO cable network, the company responsible for the complete production of the Game of Thrones series; several scripts, together with in-production episodes, were leaked on the internet due to the company's failure to pay all the required bitcoins.
According to recent reports, the new Bad Rabbit malware is believed to be spread by the same WannaCry attackers who posed a big threat to the world's top institutions earlier this year. The ransomware was recently discovered in Europe, Ukraine and Russia, and it is spreading to more countries disguised as Adobe Flash updates for victims to download.
However, in an attempt to shed more light on the current situation and alert unsuspecting internet users, several security experts stated that the ransomware doesn't deliver an actual Flash update to infect the system, but only pretends to be an Adobe Flash updater to fool people into downloading it. Security experts at Kaspersky Lab warned against the BadRabbit attacks, as shared by Romanian anti-hacker Costin Raiu.
How it works
Ransomware operates by tricking unsuspecting internet users into installing false software or app updates that encrypt the target system and ask the victim to complete specific tasks before the compromised device can be decrypted. In most cases, victims are issued bitcoin addresses where the requested funds can be deposited in order to decrypt the system.
— Costin Raiu (@craiu) October 24, 2017
Furthermore, victims who delay paying the ransom see the amount they owe accumulate, in most cases up to twice every 4 hours according to the recent WannaCry attack demands. However, attackers only use Bitcoin addresses to receive funds. Bitcoin is a form of cryptocurrency that is governed by no central body but rather by its account holders, thus making it impossible for the malware distributors to be traced.