Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

What is ransomware and how do I protect my PC from Petya and Bad Rabbit?

Jim Martin | Oct. 26, 2017
Everything you need to know about ransomware including the latest attack, how to protect your PCs and laptops and what to do if you're affected

Following the WannaCry and 'NotPeyta' attacks back in the summer, there's new ransomware spreading across the world. Ransomware stops you from accessing any files on the 'infected' computer until you pay the ransom. Here we explain what you need to do to protect your precious data.

The latest malware is being called Bad Rabbit and, according to Kaspersky, is targeting both consumers and businesses. So far it has observed attacks in Russia and Ukraine. It posted the screenshot below on its blog.

ESET has reported that the Kiev metro and Odessa airport has been hit by a new version of the infamous Diskcoder ransomware - which could also be Bad Rabbit at work.

The malware appears to be automatically downloaded when users visit legitimate websites, but as it doesn't use any exploits as with previous ransomware, it relies on the user to run the program manually. It poses as an Adobe Flash installer.

When the program is run, it displays a similar message to other ransomware and tells users to send just under $300 to a Bitcoin account.

ESET says that Turkey, Bulgaria and other countries in addition to Russia and Ukraine are affected.

There's also the ongoing threat from the group responsible for leaking the vulnerabilities for WannaCry. Shadow Brokers, as it's called, had already said it would leak more vulnerabilities and a Reuters report outlined the blog post from the group which says it is "setting up a monthly data dump" that it will sell to anyone willing to pay.

It says that the exploits will enable criminals to code malware that will break into web browsers, phones, routers and Windows 10 systems. However, you can use our tips below to help keep your computers and files safe.

 

What is ransomware?

It's a malicious program that's like a computer virus. It's designed to scan your hard drives and encrypt as many files as it can so you can't access them. The files are still there and you have to pay a sum - the ransom - in order to get your files back. This is usually done via Bitcoin, as it's anonymous. Related article: Best antivirus 2017

Sometimes, manual human intervention is required of the hackers to decrypt your files once you've paid. But since you're dealing with criminals, there's no reason to think they will do what they promise. So most experts recommend you don't pay.

 

How does ransomware work?

Like a lot of malware, it can arrive as an email attachment. This method - relies on computer users opening the attachment, or clicking on a link in an email, which causes the program to run.

 

1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.