The new ransom virus "the bad rabbit" that hit The European countries and how to protect yourself from it.
After the ‘WannaCry virus’ cause an Unprecedented worldwide cyber attack in the year of 2017 The pirates broke into dozens of countries and institutions and major international companies and incrypt information and documents, the pirates demande was that the victims have to pay a ransom in order for decoding .
After a major security update from Microsoft and other systems, the virus attacks were stopped, but it seems that it has not yet ended. A similar virus, known as the "bad rabbit,". It has been widespread in a number of European countries, namely Russia, Ukraine, The number is getting higher
The virus has so far succeeded in attacking the Odessa airport and the Ukrainian Ministry of Transport. Metro Kiev and a group of Russian press institutions as well as in Turkey and Bulgaria at different levels.
How does the virus spread?
According to several security reports, the new virus is spreading in a virtual update of the Adobe Flash player program, and the virus comes with tools that help it move horizontally within the network, which may explain why it spread very quickly across many organizations, companies and countries in a short period. Based on the virus analysis, He tries to reach an access to the servers and computers that work on the same network via "SMB".
When a computer is infected with the virus, He first encrypts the files on the user's computer and replaces the Master Boot Record (MBR). When the job is done , He restarts the user's computer and shows you the pernicious message that require your visit to the pirate site in order to pay 0.05 bitcoin four decoding your files
How to protect yourself?
First, if you have Adobe Flash player program on your computer, do not update it except from the official Adobe website, and if you see any message asking you to update the program do not do so.
Secondly, prevent the following extension from your device:
c: \ windows \ infpub.dat
c: \ Windows \ cscc.dat.
Thirdly, stop WMI services to prevent malicious software from spreading in your network.