On October 24th, 2017, a new ransomware attack called “Bad Rabbit” affected a number of large networks in Eastern Europe and Russia.

According to Avast & Russian cybersecurity company Group-IB, nearly 200 targets have reportedly been infected, which included three major Russian media organizations. Even though Bad Rabbit may not be quite as dangerous as Petya or WannaCry (yet), there are some similarities between it and those infamous ransomware threats.

Bad Rabbit is a ransomware attack that spreads through a fake Flash update that burrows a malicious file on your computer. We urge everyone to NOT allow any Flash updates that have not been deemed safe, particularly when triggered by questionable websites.

Once installed, a ransom note appears alerting users that their files are “no longer accessible” and that they “guarantee that you can recover all your files safely.” Using DiskCryptor, infected targets are presented with a countdown timer on a Tor Browser payment page, warning the user to pay the ransom within the first40 hours: a sum of $285 (0.05 bitcoin) to decrypt their files. If the ransom is not paid before the timer runs out, the fee rises until you pay.


Similar to Petya & WannaCry, there’s never a guarantee of file accessibility when dealing with a ransomware attack. The best course of action is prevention.

As of this posting, none of our clients have yet been infected by the Bad Rabbit ransomware as we are actively monitoring and proactively protecting our clients with the best technology available. We maintain a Test environment to deploy updates such as Flash to prevent our clients from experiencing outages. If you were to get infected, we would be able to recover your data and get you back up with minimal downtime through our array of backup options.

Give us a call at (877) 85-RHINO. Our number one priority is to ensure your network is as stable, reliable and as safe as possible. We take our responsibilities seriously and do everything to protect your assets.