For once we can pause and be thankful a new massive cybersecurity threat hasn’t happened on US soil, instead, Russia is in the cross-hairs. A new, highly-advanced malware dubbed BadRabbit has swept through multiple news agencies, airports, and train stations, leaving chaos in its wake. The attack is primarily centered in Russia, but BadRabbit has also infected computers in Ukraine, Turkey, and Germany. The US has been unaffected…. so far!
BadRabbit uses hacked Russian media websites to display fake Adobe Flash installers – you know, when your computer says you need to update Flash before watching that cute cat video or an amazing sports highlight. If you succumb to the temptation to click to update, you could be in trouble. Instead of seeing cute cats or wicked sports moves, you’ll see a black screen with orange text.
You see, BadRabbit uses a legitimate, digitally-signed program called DiskCryptor to lock victims’ hard drives and hold their files hostage. The black screen directs the victims to a site on the Dark Web where they can pay $0.5 Bitcoins (about $283) to release their files. If the ransom isn’t paid within 40 hours, the price increases.
Why are we telling you about this attack spotted on the other side of the world?
- BadRabbit could migrate to the US or could attack a laptop a UD person takes on an international trip.
- Ransomware attacks are another reason why computer users should regularly backup their data on password-protected drives or using UD’s Code42 CrashPlan license (for University-owned computers) or other backup services (e.g., Carbonite or Apple Time Machine). Having a clean backup of your entire system is one of the best defenses against ransomware.
- The way BadRabbit gets on to a computer serves as a reminder that people should never download apps or software from pop-up advertisements or websites that are not verified by the software company.
Above all else,
Think B4 U Click!!