What are the reasons for re-imaging a computer?

Bad Rabbit

Bad Rabbit is a strain of ransomware that first appeared in 2017. It seemed to have its sights set on media companies in Russia and Ukraine. In most cases, it spread by posing as an update to Adobe Flash Media Player and tricking victims into clicking and opening a malicious file.

Like other types of ransomware, the Bad Rabbit virus locks victims' computers, servers, or files and prevents access until the ransom, usually in Bitcoin, is paid.

History

Bad Rabbit first appeared in 2017 and is similar to the ransomware strains WannaCry and Petya.

Disguised as an Adobe Flash installer, Bad Rabbit spreads through drive-by downloads on compromised websites. This means that victims could be exposed to the virus just by visiting a malicious or compromised website. The malware is embedded in the websites using JavaScript that is inserted into the website's HTML code.
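A site owner can check for this kind of injection by comparing the `<script>` elements a page serves against a known baseline. The following Python is an added example, not code from the original article; the host names, the sample page, and the baseline sets are constructed assumptions.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

def digest(text):
    return hashlib.sha256(text.strip().encode()).hexdigest()

class ScriptAudit(HTMLParser):
    """Flags <script> elements that are missing from the owner's baseline."""
    def __init__(self, page_host, allowed_hosts, approved_inline):
        super().__init__()
        self.page_host, self.allowed_hosts = page_host, allowed_hosts
        self.approved_inline, self.findings = approved_inline, []
        self._inline = None  # [start line, chunks] while inside an inline <script>

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag == "script" and src is None:
            self._inline = [self.getpos()[0], []]
        elif tag == "script":
            # Relative URLs have no hostname: they load from the page's own host.
            host = (urlparse(src).hostname or self.page_host).lower()
            if host not in self.allowed_hosts:
                self.findings.append((self.getpos()[0], "external", host))

    def handle_data(self, data):
        if self._inline is not None:
            self._inline[1].append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._inline is not None:
            (line, chunks), self._inline = self._inline, None
            body = "".join(chunks)
            if body.strip() and digest(body) not in self.approved_inline:
                self.findings.append((line, "inline", digest(body)[:12]))

def audit(html, page_host, allowed_hosts, approved_inline):
    parser = ScriptAudit(page_host, allowed_hosts, approved_inline)
    parser.feed(html)
    return parser.findings

# Constructed sample: three baseline scripts, then two that are not in the baseline.
SAMPLE = """<script src="/js/app.js"></script>
<script src="https://cdn.example.test/lib.js"></script>
<script>window.siteLang = 'en';</script>
<script src="//updates.invalid/player.js"></script>
<script>document.title = 'changed';</script>"""
ALLOWED_HOSTS = {"www.example.test", "cdn.example.test"}  # assumed baseline
APPROVED_INLINE = {digest("window.siteLang = 'en';")}     # assumed baseline
print(audit(SAMPLE, "www.example.test", ALLOWED_HOSTS, APPROVED_INLINE))
```

Each finding is a tuple of line number, kind (`external` or `inline`), and either the unapproved host or the first 12 hex characters of the inline script's SHA-256.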

When someone clicks on the malicious installer, Bad Rabbit encrypts the files and presents users with a sober black and red message that says, “If you see this text, you will no longer have access to your files. Perhaps you have been looking for a way to get your files back. Don't waste your time.”

The note demands around $280 in Bitcoin and gives 40 hours for payment.[1] The victims reported that after paying, their files were actually unlocked, which is not always the case with other ransomware attacks.

Elimination

Ransomware like Bad Rabbit attacks the network in one of two ways: as an encryption program (as in the case of Bad Rabbit) or as a screen lock. Encryption programs lock data on a target system and the content becomes inaccessible without a decryption key. A screen lock blocks access to the system through a lock screen that merely claims that the system is encrypted.[2]

In either case, preventing ransomware is a far better option than eliminating it.

Once you realize that you are a victim of a Bad Rabbit ransomware attack, here are some steps you should take:[3]

  1. Contact law enforcement agencies.
  2. Disconnect any computers, servers, or other devices from your network.
  3. Use your threat intelligence to determine the scope of the problem.
  4. Arrange a response. Some types of ransomware, such as screen locks, are easier to remove. Others may require a complete re-imaging (wiping) of systems and restoring files from a backup.
  5. Look for free ransomware decryption tools - but don't rely on them. They don't work for every type of ransomware and may not help you recover your files.
  6. Use your backup systems to restore blocked files.

[1] Lena Fuks (Security Boulevard). "10 Ransomware Attacks You Should Know About in 2019." April 2019.