New
#1
Thanks for the Heads Up Shawn
Bad Rabbit, a ransomware infection thought to be a new variant of Petya, has apparently hit a number of organisations in Russia and Ukraine.
In a tweet, Russian cybersecurity firm Group-IB said that at least three media organisations in the country have been hit by file-encrypting malware.
At the same time, Russian news agency Interfax said its systems have been affected by a "hacker attack".
"Interfax Group's servers have come under a hacker attack. The technical department is taking all measures to resume news services. We apologize for inconvenience," Interfax said in a statement.
Read more: Bad Rabbit ransomware: A new variant of Petya is spreading, warn researchers | ZDNet
Hi, maby stupid question, but lets say i have 3 hd in my computer, wil it encrypt all hd or just the c:/ one? and in my kodi network i have also some hd connected wil they be affected too?
Most of these ransomeware attacks go for every disk on the network.
This ransomware is really original, it pretends to be a flash installer, but it still works, so whatever.
Avoiding this one is a child's game for any administrator/user.
1. Use SUA or UAC with a password, doh.
2. Enable ValidateAdminCodeSignatures.
Bad Rabbit ransomware - SecurelistThe dropper is signed with two invalid digital certificates. The downloaded file named install_flash_player.exe needs to be manually launched by the victim. To operate correctly, it needs elevated administrative privileges which it attempts to obtain using the standard UAC prompt. If started, it will save the malicious DLL as C:\Windows\infpub.dat and launch it using rundll32.
Bad Rabbit Ransomware Outbreak in Russia and Ukraine | Anomali
So this would even go for the standalone NAS drives in my network ? I’ve got three thinking my pics / docs etc are pretty safe being backed up/mirrored in triplicate (I don’t really like cloud services) Guess I should disconnect one from the network.
presumably if our windows is up to date and defender is on with latest definitions we are protected ?
Bad Rabbit: Ten things you need to know about the latest ransomware outbreak
Bad Rabbit: Ten things you need to know about the latest ransomware outbreak | ZDNet
A number of security vendors say their products protect against Bad Rabbit. But for those who want to be sure they don't potentially fall victim to the attack, Kaspersky Lab says users can block the execution of file 'c: \ windows \ infpub.dat, C: \ Windows \ cscc.dat.' in order to prevent infection.