The ransomware BadRabbit spreads through it's Remote Desktop Protocol (RDP) or Server Message Block (SMB) protocols that allow computers as well as other devices to "talk with one another over networks.
A number of anti-virus programs protect you from ransomware Bad Rabbit.
The symptoms: Affected PC may show the following message on the screen
Turn off your anti-virus and anti-malware programs.
Oops! Your files are now encrypted.
If you are reading this message the files you have aren't accessible anymore. You may have been searching for a way to restore your files. Do not waste your time. Nobody will be able to retrieve these without our decryption services.
We want to ensure that you will be able to retrieve all your files securely. All you have to do is make the payment and receive the password for decryption.
* The data on affected systems is protected.
* The user is instructed to visit a domain on the TOR network. The payment page appears like this:
* File extensions recognized that they are affected encryption are:.3ds .7z .accdb .ai .asm .asp .aspx .avhd .back .bak .bmp .brw .c .cab .cc .cer .cfg .conf .cpp .crt .cs .ctl .cxx .dbf .der .dib .disk .djvu .doc .docx .dwg .eml .fdb .gz .h .hdd .hpp .hxx .iso .java .jfif .jpe .jpeg .jpg .js .kdbx .key .mail .mdb .msg .nrg .odc .odf .odg .odi .odm, .odp .ods .odt .ora .ost .ova .ovf .p12 .p7b .p7c .pdf .pem .pfx .php .pmf .png .ppt .pptx .ps1, .pst .pvi .py .pyc .pyw .qcow .qcow2 .rar .rb .rtf .scm .sln .sql .tar .tib .tif .tiff .vb .vbox .vbs, .vcb .vdi .vfd .vhd .vhdx .vmc .vmdk .vmsd .vmtm .vmx .vsdx .vsv .work .xls .xlsx .xml .xvd .zip
What you need to do:
Make sure you update your Webroot internet security software via www.webroot.com/safe
There are new threats and viruses every day, which is why it is essential that you keep your security program current. The majority of anti-viruses auto update to ensure you have the most current protection However, you can confirm that your program is current at any point.
* Install Webroot secureanywhere via www.webroot.com/secure.
What can you do to Avoid Being a Victim of Ransomware?
Be aware before clicking. If you get an email with an attachment, take a second thought before clicking. If you didn't expect the email or it seems suspicious, you should delete it even the email appears to be from someone you are familiar with. It is always possible to request that they forward it to you again if you believe it's genuine.
Backup your files. Make sure that you have backups of your data. This way, should they are compromised during an attack by ransomware and you need to clean your disk drive and recover your files from backup. Keep in mind that backups may be infected, which is why it is recommended to remove the backup drives you have from your computer as soon as you can to avoid this occurring.
Make sure to update your computer and other devices. Make sure that your operating system on your PC is current. Software updates and patches include security enhancements that aid in protecting the PC, making it harder for viruses and ransomware to be able to infect it.
No More Ransom aims to aid victims of ransomware to retrieve their data encrypted without paying the hackers.