FANDOM


Bad rabbit ransomware 01
Bad Rabbit is a ransomware trojan on Microsoft Windows, currently infecting some parts of Eastern Europe. The virus is also based on Petya.
Bad Rabbit Ransomware Early Halloween?

Bad Rabbit Ransomware Early Halloween?

Bad Rabbit Ransomware review by The PC Security Channel

Payloads

When run, it masquerades as a fake Adobe Flash installer, and requires administrator privileges to be run. The virus uses AES-256-CBC and RSA-2048 ciphers to lock the files, adds .encrypted extension to their original filenames, creates a Readme.txt file which it places on the Desktop. Bad Rabbit replaces Master Boot Record (MBR) and restarts the computer.  

The victim loses access to the computer as it fails to boot and displays a threatening message on a black screen. The ransomware says “Oops! Your files have been encrypted!” and explains that the only possible data restoration method is paying a ransom to virus' authors.

Affected Organizations

  • Odessa airport (Ukraine)
  • Kiev Metro (Ukraine)
  • Interfax (Russia)