Skip to content

TitanHQ Press Releases

Bad Rabbit - New ransomware attack hits Russia and spreads around globe

Cybersecurity experts have said that the ransomware -- which posed as an Adobe update before locking down computers and demanding money for people to get their files back -- targeted Russian media companies and Ukrainian transportation systems. It has also been detected in other countries including the U.S., Germany and Japan.

Bad Rabbit appears to be one of the biggest since the Petya cyberattack that caused chaos worldwide in June. NotPetya, along with Wannacry, caused widespread disruption affecting businesses, government institutions and hospitals.

How is Bad Rabbit distributed?

Unlike other recent malware epidemics which spread through more passive means, Bad Rabbit requires a potential victim to download and execute a bogus Adobe Flash installer file, thereby infecting themselves. While a user is visiting a legitimate but compromised website, a malware dropper is downloaded and disguised as an Adobe Flash installer. One of the distribution method of Bad Rabbit is via drive-by download. Some popular websites are compromised and have JavaScript injected in their HTML body or in one of their .js file.

The downloaded file is named “install_flash_player.exe” and needs to be manually launched by the victim.

Reports suggest that unlike Petya, Bad Rabbit is not a wiper. That said, giving in to a ransom only encourages the proliferation of this kind of cybercrime – so don’t pay.

Preventing a ransomware infection

What is Bad Rabbit‘s lesson? The truth is you don’t have to be fooled again by ransomware attacks. The culmination of :

  • regular patching of operating systems and applications,
  • use of 3-2-1 back up approach,
  • email and Internet filtering,
  • an installed security suite,
  • protecting privileged credentials at endpoints
  • and user education will prevent most infections.

Are you an IT professional that wants to ensure sensitive data and devices are protected?  Talk to a specialist or email us at with any questions.

Get Your 14 Day Free Trial

Talk to Our Email and DNS Security Team

Call us on UK/EU +44 203 808 5467

Contact Us