Some time has passed since the last huge wave of ransomware attacks has been detected. Now, a new type has appeared and it is causing considerable damage. Especially in Eastern Europe and Russia the trojan was successful and infected several companies. But Germany has seen those attacks, too. The malware Bad Rabbit, named after a specific site in the darknet, where the victims are supposed to pay the ransom. It encrypts local data and demands 0,05 Bitcoins to provide the decryption key. Considering the recent change rates this amounts to 293 USD or 255 Euro.Click on the image to enlarge Like WannaCry and Petya before, Bad Rabbit can spread within a network. However, instead of using the EternalBlue exploit in the Version 1.0 of the SMB protocol, the malware infects other computers through the Windows Management Instrumentation (WMI). To prevent a local distribution of Bad Rabbit, it is advisable to deactivate WMI if it is not in use.
Share the article on Twitter, LinkedIn and Co.
Sign Up Hornet News
Cyberthreat Report 2019
The new Hornetsecurity Cyberthreat Report
The brand new Cyberthreat Report tells you all about current cyberthreats and gives you access to exclusive numbers statistics.
- Expansion continues: Hornetsecurity acquires long-standing British distribution partner EveryCloud
- Control Panel Version 184.108.40.206
- The understanding of data protection – beyond borders
- Cyber-criminals spread Emotet in the name of Greta Thunberg
- Hornetsecurity Services compatible with SIEM services thanks to new SIEM Connector