What the Tech? Bad rabbit - WRCBtv.com | Chattanooga News, Weather & Sports

What the Tech? Bad rabbit

Posted: Updated:

A third global ransom-ware attack is underway, crippling airports, media outlets and banks in Russia and cyber-security experts say it's beginning to show up on computers and networks in the United States.

"They're sending it out in the social environment where they know people will click on it," said Michael Lewis a cyber-security expert with Copper State Communications. "These guys are really put together well. It's not just some kid in the basement anymore, it's a well organized crime syndicate."

Bad Rabbit, as it's called is similar to and likely developed by the same syndicate from the Ukraine that unleashed Petya earlier this year. That ransomware attack hit corporations and hospitals in the U.S.

The ransomware gets installed on a computer and can spread to other computers on a business network. It can infect a computer simply by a click from the computer user. This particular ransomware is being spread, experts say, through a link to a fake update of Adobe's Flash Player which is installed on virtually every PC.

It locks the computer and demands a ransom in order to decrypte the files and restored. Users are being told to pay .05 in Bitcoin which is currently around $280.

"Currently they're saying if you don't pay it in 40 hours, we're going to up the ante on you. So maybe it's $450 instead of the $300 we were asking for," said Lewis.

While the bad guys can make quite a lot of money from home computer users they are ultimately interested in infecting networks of large corporations.

"They're working on finding out the best way to not just infiltrate your data but to infiltrate corporations; that's where the big money is," said Lewis.

Each time the syndicate releases a ransomware attack the code is better and smarter than the last one. Lewis said there are two things a computer user can do to protect themselves.

"I would never click on an ad on a website," he said. "Because a lot of the companies that have websites out there, they're getting hacked themselves and that's where the virus is." Secondly, "Make sure you have a really good anti-virus and anti-malware detection. They are two different things; make sure you have both of them running on your system."

Powered by Frankly