On 24 Oct 2017, the media reported a large ransomware outbreak centred on Russia and Ukraine, spreading to parts of Turkey and Germany.
Dubbed “Bad Rabbit”, it is reportedly a new Petya-like targeted ransomware attack against corporate networks, infecting computers with malicious code and restricting user access to the infected machine until a bitcoin ransom is paid.
Present findings indicate that the malware is being distributed by sites disguised as Adobe Flash update portals, which use a fake Adobe Flash Player installer to lure victims into installing the malware unwittingly.
The Bad Rabbit ransomware uses DiskCryptor, open-source full-drive encryption software, to encrypt files on infected computers with RSA 2048 keys.
At present, there have not been any reports of “Bad Rabbit” infecting machines in Singapore, but we will continue to monitor the situation closely.
How Do You Know That You Are Infected?
You will see a warning screen, similar to the one in this post, indicating that you have been infected and demanding a payment in bitcoin.
What Should I Do If I Am Infected?
(a) Disconnect your machine from the network. If there is a network cable, remove it. If you have a wireless connection, disable your wireless adapter.
(b) Isolate your machine from the network and any other forms of connectivity.
(c) Do not attempt any self-remedy. You are advised to contact us or your appointed IT Technical Resource immediately for further advice and action.
What Can I Do To Prevent Infection?
(a) Users should exercise caution and avoid opening suspicious email attachments. When in doubt, please clarify with the sender.
(b) Users should refrain from clicking on suspicious links to websites that they are not familiar with. These websites may contain malicious code that will infect your machines.
(c) Users are to exercise caution when accessing websites that require you to perform any update on any software on your machine. All updates to your machine should be done by us via our Remote Monitoring and Management portal or via your appointed IT Technical Resource.
(d) Do not download or install any software that has been provided to you from unofficial or disreputable sources. When in doubt, please contact us or your appointed IT Technical Resource for clarification.
ManagedIT.SG is an IT Support, IT Solutioning and Managed IT Service Provider specializing in serving Small Businesses in Singapore. Call us at +65 6748 8776 and let us manage your Small Business IT today!