Facebook Warnings About the Bad Rabbit Ransomware Virus-Mostly Truth!
Summary of eRumor:
In October 2017, warnings surfaced about a ransomware virus known as “Bad Rabbit” that lures its victims in by posing as an Adobe Flash update installer, and then locks their files and demands a ransom for their release.
Credible reports of ransomware known as Bad Rabbit or “BadRabbit” that targeted media companies in Russia and Eastern Europe led the U.S. Computer Emergency Readiness Team (US-CERT) to issue an alert about Bad Rabbit on October 24, 2017.
However, warnings making the rounds on social media in the U.S. could be overstated. First, there weren’t any reports of Bad Rabbit ransomeware attacks in the U.S. Second, cybersecurity professionals concluded that Bad Rabbit was targeting corporate networks, primarily media companies in Russia.
In ransomeware attacks, victims are lured into downloading a virus onto their computer that’s disguised as something else (Bad Rabbit was disguised as an Adobe Flash updated installer). After the virus is installed, computer files are encrypted, and victims are forced to pay a “ransom” in order to regain access to their files. The Bad Rabbit ransom was reportedly about $280.
US-CERT discourages paying these ransoms, stating, “this does not guarantee that access will be restored.” Instead, those who believe their computer has been infected by Bad Rabbit (or another ransomeware) should file a complaint with the FBI’s Internet Crime Complaint Center (IC3) immediately.
Reuters was the first to report Bad Rabbit, noting that half of its victims were in Russia, with other victims also reported in Ukraine, Bulgaria, Turkey, Germany and Japan. Interfax, one of Russia’s largest news agencies, was among the attack’s most high-profile targets. The agency was back online within 24 hours, however. Officials in Ukraine said networks there were “barely affected.”
Kaspersky Lab, a global firm that sell cybersecurity products, concluded that Bad Rabbit was a coordinated attack that targeted corporate networks, primarily in the media sector. Victims were persuaded to download a phony Adobe Flash update installer the infected their computer with the ransomware. There weren’t any reports of Bad Rabbit attacks on private citizens.
In the end, we’re calling warnings about Bad Rabbit “mostly truth” because the warnings are credible, but Bad Rabbit has only targeted corporate networks outside the U.S.