Bad Rabbit Ransomware

The latest Ransomware to make the headlines is called Bad Rabbit. It is a newer version of the Petya/Not Petya Ransomware which came out last year.

The Bad Rabbit attack comes through the form of social engineering. On infected websites, users will be prompted to update Adobe Flash Player. However, what users are actually installing is the Ransomware, not Flash.

Social Engineering

Since most companies protect themselves with firewalls and antiviruses (yes, there are some that still don’t), it is possible for criminals to try to get through these systems, however the easiest path is through the user. If a criminal is able to have a user bypass these security controls on their behalf, then their work is so much easier.

The most common methods for getting users to act on their behalf are through false web updates, like the method used by the Bad Rabbit programmers, or more typically through email phishing attacks.It can be easy to spot most of these phishing attacks if you have a trained eye. If you hover over the links in emails that might look like phishing attempts, you can see that these are to domains that would not be from Dropbox either:

We’ve partnered with a security company to provide training and simulated phishing exercises and this will be a core component of our upcoming Advanced Security offering. It’s important that even though your castle might be protected with a shark filled moat and high castle walls, someone doesn’t lower the drawbridge for the trojan horse to walk into your castle!

If that happens, you will be greeted with this.