How to Protect Your Computer from Bad Rabbit Ransomware?

by Olivia Morelli - -
12

Question

Issue: How to Protect Your Computer from Bad Rabbit Ransomware?

Hello. I am afraid of Bad Rabbit ransomware attack as my kids always play various computer games and download whatever the Internet has to offer. Can you provide a tutorial on how to set up a trustworthy computer security system so that the virus could not encrypt files on my disks? I already heard of backups as an option, but maybe there are other options?

Solved Answer

Optimize now! Optimize now!
Unique technology of Reimage recovers system with fresh files and can seriously revive the life of your machine. The free scanner will let you know which parts of your system need to be optimized. To restore your computer's peak performance, you have to purchase licensed version of Reimage Reimage repair software.

Bad Rabbit ransomware (a suspected variant of Petya 2017/NotPetya) is one of the most fearsome data-encrypting viruses at the moment. It primarily attacked Russia and Ukraine as well as Turkey and Bulgaria, but other countries are among the targets as well. The ransomware is also known as DiskCoder.D and it spreads in the form of a fake Flash Player Update that appears on websites compromised by hackers.

Protect Your PC from Bad Rabbit virus

Once installed on the system, the virus encodes all data with a combination of AES-256-CBC and RSA-2048 ciphers. [1] Following a successful encryption, the malware changes Master Boot Record[2] and restarts the computer. Also, we must point out that Bad Rabbit virus attempts to spread via SMB shares, trying to infect as many computers on the network as possible.

The malicious virus then displays a message on a black computer’s screen, telling the victim about the cyber attack which turned all victim’s files useless. Bad Rabbit demands the victim to visit a particular website via Tor browser to access data recovery solutions.

After installing the aforementioned browser and entering the provided address along with personal identification key provided by the ransomware, the victim gets access to criminals’ Bitcoin address. This address is the one where the victim is supposed to send the money to. At the moment, the malware demands 0.05 bitcoin as a ransom, which is more or less $280. Since Bitcoin value changes all the time, we believe that the price will go up shortly.

Speaking of ways to protect your computer from the described virus, we have provided a tutorial on how to create your own vaccine[3] against Bad Rabbit ransomware attack which will prevent the virus from encoding your files. Follow the steps given below, and the fearsome malware variant won’t encrypt your files.

Protect your Computer from Bad Rabbit virus attack

Method 1. A Guide on How To Create a Vaccine for Bad Rabbit Ransomware

  1. First of all, go to C:\\Windows folder. In this folder, you need to create an infpub.dat and cscc.dat file. A quick way to create both files is via Command Prompt (with Administrator’s rights).
  2. Open Start menu and use the search box to find Command Prompt (just type the name of the program into the search box). Right-click on the matching result and choose Run as administrator.How to Open Command Prompt
  3. You will be asked to provide your admin’s password in order to continue. Do as the computer requires and then you will get access to the Command Prompt (Admin mode).
  4. Once the CMD window appears, type the following commands and press Enter:
    • echo “” > c:\\windows\\cscc.dat&&echo “” > c:\\windows\\infpub.datType Commands in CMD
  5. You won’t see any pop-ups or information messages after entering this line into Command Prompt. Do not worry; the next step is to go to My PC (or My Computer), then to C:\\ disk, and then to Windows folder. Here, you will find cscc.dat and infpub.dat files. You can check their creation date to be sure that these are the files you just created. Next, you will need to modify their properties.
  6. Right-click on the cscc.dat file and choose Properties from the list.Open CSCC.dat Properties
  7. Click to open Security tab and then choose Advanced option.Open Advanced File Properties
  8. Here, select SYSTEM option and click Change Permissions. You might be asked to enter Admin’s password once again.
  9. In the next Window, you should click Disable inheritance button.Disable Inheritance
  10. Next, click Remove all inherited permissions from this object.Remove All Inherited Permissions
    • If you are using an older version of Windows, you might just need to deselect the checkbox next to Include inheritable permissions from this object’s parent and click Remove in the “Windows Security” pop-up that appears on the screen.
  11. Click Apply and OK when closing the settings panels.
  12. Now, repeat the same steps with the infpub.dat file which you also created in C:\\windows directory.

Method 2. Create a Data Backup

The second thing that you must do in order to keep your files safe and sound is to create a backup for them. To create a backup, you will need an external data storage device (USB, DVD, portable hard drive.

  1. Plug in the device to your computer.
  2. Once AutoPlay window appears, select Open Folder to View Files.AutoPlay Window
  3. The folder that appears on the screen is the place where you need to paste data copies that you want to protect. Simply search your computer for files that are important to you, copy them and paste them into the folder that belongs to the external drive you just plugged into your computer.
  4. Wait until all files are copied safely.
  5. In Windows menu tray, click on the small arrow pointing upwards and find Safely Remove Hardware and Eject Media icon (it looks like USB cable with a tick in a green circle next to it). Right-click on it, find your device and select Eject [your device name].
  6. Remove the backup and store it in a safe place.

Method 3. Protect your computer using anti-malware software.

If you take computer protection seriously, you should get a reliable security software to protect your computer from malicious programs at all times. If you are using an antivirus already, update it and also increase the security levels by installing anti-spyware and optimization software like [ref if=”Reimage”].

Method 4. Keep your software up-to-date

When trying to protect your computer from malware, it is important to remember that security vulnerabilities in outdated programs allow installation of various computer infections. Sometimes all that it takes to get infected is merely to visit a compromised domain or click on malware-laden ads. Therefore, never delay updates that your Windows computer suggests installing.

Method 5. Avoid installing Adobe Flash Player updates from unknown sites

Cybercriminals can deceive you by pushing deceptive software updates which seem useful at first sight. In reality, you should stay away from pop-up ads suggesting software updates and install them ONLY from websites that belong to developers of that particular software. For example, if you need to update Adobe Flash Player, visit Adobe website. Below, you can see some examples of deceptive Adobe Flash Player ads.[4]

Examples of Fake Adobe Flash Player Ads

Method 6. Never open questionable email attachments

Hackers tend to send out myriads of fake messages to people around the world and attach malicious files to them. While the majority of such letters get stuck in your email service provider’s “Spam” filters, some of them manage to get through. We want to advise you to stay away from suspicious messages you receive into your Inbox.

Even if the message looks legitimate, but you did not expect to receive it – better bypass it. The 2-spyware team has provided a great guide on how to identify malware-laden emails – we suggest checking it out.

Optimize your system and make it work more efficiently

Optimize your system now! If you don't want to inspect your computer manually and struggle with trying to find issues that are slowing it down, you can use optimization software listed below. All these solutions have been tested by ugetfix.com team to be sure that they help improve the system. To optimize your computer with only one click, select one of these tools:

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided software you agree to our privacy policy and agreement of use.
do it now!
Download
computer optimizer Happiness
Guarantee
do it now!
Download
computer optimizer Happiness
Guarantee
Compatible with Microsoft Windows Compatible with OS X
Your problem remained?
If you are not satisfied with Reimage and think that it failed to improve your computer, feel free to contact us! Please, give us all details related to your issue.
Reimage - a patented specialized Windows repair program. It will diagnose your damaged PC. It will scan all System Files, DLLs and Registry Keys that have been damaged by security threats.Reimage - a patented specialized Mac OS X repair program. It will diagnose your damaged computer. It will scan all System Files and Registry Keys that have been damaged by security threats.
This patented repair process uses a database of 25 million components that can replace any damaged or missing file on user's computer.
To repair damaged system, you have to purchase the licensed version of Reimage malware removal tool.

About the author

Olivia Morelli
Olivia Morelli - PC & Mac repair expert

Olivia Morelli is a young, but a perspicacious IT expert who is currently just a year away from a Bachelor’s Degree in Software Systems. Her primary passion is cyber security, however, thanks to her detailed understanding of computer networks, operating systems and hardware, she can find a fix for any PC or Mac issue.

Contact Olivia Morelli
About the company Esolutions

References

What you can add more about the problem: "How to Protect Your Computer from Bad Rabbit Ransomware?"