Adobe Flash Security News: 'Bad Rabbit' Ransomware Spreads Across Countries Disguised as Fake Adobe Flash Installer
The world is witnessing another massive ransomware spread. The virus, called Bad Rabbit, is fooling its victims and compromising their computers by posing as a fake Adobe Flash installer.
According to reports from security firms like Kaspersky, Bad Rabbit is able to attack a computer when a person downloads fake Adobe Flash installers from bogus websites. The ransomware successfully infects a machine when the unsuspecting victims manually install the .exe file.
Making it worse, Kaspersky added, was the fact that the attackers were able to get into legitimate websites like media outlets Interfax news agency and Fontanka.ru so people thought the prompts to download and install Adobe Flash were genuine.
Get Our Latest News for FREE
Reports added that Bad Rabbit then immediately shuts down infected computers and shows a ransom message that contained a link to a Tor payment page. This was where people could pay to have their files decrypted and gain access to their computers again.
The hackers behind Bad Rabbit demand that they be paid with 0.05 Bitcoin or around $300 within 40 hours from the time the ransom message was received.
Based on the analysis done by security firms, Bad Rabbit was linked to the recent widespread ransomware attack dubbed as NotPetya due to the similar codes used on both viruses.
On the other hand, Kaspersky clarified that Bad Rabbit did not use the infamous EternalBlue vulnerability believed to be one of the exploits that the National Security Agency discovered and then allegedly stashed until hackers got into NSA's network and found them.
"Other similarities include the same list of domains used for the drive-by attack (some of those domains were hacked back in June but not used) as well as the same techniques used for spreading the malware throughout corporate networks," Kaspersky further explained.
However, Cisco Talos claimed their research showed that Bad Rabbit infects a computer through exploiting a vulnerability called EternalRomance. "This exploit takes advantage of a vulnerability described in the Microsoft MS17-010 security bulletin," the company explained.
As of this writing, confirmed Bad Rabbit attacks were reported mostly in Russia, Ukraine, Turkey, Germany, some parts of Eastern Europe, Poland, South Korea and more.
