Emerging Threats

BadRabbit ransomware attack outbreak in Europe


A new strain of ransomware has appeared, targeting countries in Europe. On October 24th 2017 several media outlets began to report on the “BadRabbit” ransomware affecting among others, Ukraine’s Odessa airport, the metro system in Kiev, and several Russian media outlets.

Initial reports are that this malware seems to be a variant similar to the Petya ransomware and will encrypt data files, asking users to pay a ransom of around £213($283). It is not impacting individual users at the time of this writing.

Norton customers are advised they are protected against the “BadRabbit” ransomware attacks.

What is Ransomware?

Ransomware is a form of malware that will lock files on a computer using encryption and generally present users with an ultimatum: pay a fee to unlock and reclaim personal data, or don’t pay the fee and lose the data indefinitely. Ransomware is able to automatically corrupt and delete files in the event that monetary compensation is not received, leaving most users with little time to resolve the problem through alternate means.

Five Ransomware Dos and Don’ts:

Don’t pay the ransom. It may seem like the easy way out, but there’s no guarantee that you will actually get your files back if you pay. At the very least, you’re just helping fund the criminals for their next attack.

Do back up your data on a regular basis. Backing up your files can save you a lot of bother. In the event of becoming a victim of a ransomware attack, you will be able to restore any impacted files from a known good backup. Restoration of your files from a backup is the fastest way to regain access to your important data.

Don’t click on attachments in email. There are a lot of different gangs running ransomware scams, who use different ways to try and infect you. One of the most popular is using spam. The email could be saying there was a package for you that couldn’t be delivered. Or a cool screensaver that you should install. Whatever the con, the bad guys want you to click on an attachment to install the malware. Don’t do it. Just don’t click.

Do use security software. Arm your devices with a reputable security software and most importantly keep it up to date with a current subscription. Having outdated software can leave your devices vulnerable to attack. Services like Norton Security can help secure your devices with round the clock protection against new and emerging viruses, spyware, malware and other online threats.

Do keep software up to date. The bad guys know about weaknesses in the software on your PC before you do. And they try to use them to get on your machine. It's called exploiting a vulnerability. Patching removes the vulnerability. If you’re asked if you want to update your software – Do. It. Now. Waiting only helps the bad guys.

Symantec is continuing to analyse this threat and will post further information as soon as it becomes available.