النسخة العربية

Oman National CERT Towards a safe cyber environment

Oman Threat Hunter 2018

Oman Threat Hunter 2018

“THREAT HUNTER” a national competition that is organized by ITU-Arab Regional Cybersecurity Center (ITU-ARCC) in a partnership with Silensec ...

View
Guide Manual for Reporting Abuse Through Social Media

Guide Manual for Reporting Abuse Through Social Media

This guidance booklet is written to facilitate reporting abuse process through Social Media and afford easy, smooth, and clear way of guidance to report over social media correctly.

View
Cybersecurity Specialized Training Courses

Cybersecurity Specialized Training Courses

Oman National CERT in cooperation with the Arab Regional Cybersecurity Center (ARCC) is conducting a series of specialized training in cybersecurity hosted in Oman.

View
Oman CERT participation in the Safer Internet Day 2018

Oman CERT participation in the Safer Internet Day 2018

Oman CERT is participating in the Safer Internet Day 2018 on 6th of February 2018, under the Theme: Create, connect and share respect: A better internet starts with you

View
Oman Cybersecurity CTF competition

Oman Cybersecurity CTF competition

ARCC in collaboration with Cyber Talents are organizing "Oman Cybersecurity CTF competition" hosted by ITA through Oman National CERT.

View

Media Center

Share it

Online Incidents Report
Request OCERT Services
Information Security Glossary

OCERT News

 

Bad Rabbit Ransomware

OCERT Latest News

26/Oct/2017


This is a Threat Notification and Alert Service (TNAS) from the Oman National CERT (OCERT). This is an advisory about a new type of Ransomware called (Bad Rabbit) which has been found spreading in Russia, Ukraine and elsewhere. The malware has affected systems at three Russian websites, an airport in Ukraine and an underground railway in the capital city, Kiev.

  • Severity: High
  • Date: October 25, 2017
  • Advisory Title: Bad Rabbit Ransomware

What is Bad Rabbit Ransomware? 
“Bad Rabbit “is a new type of ransomware malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files unless a ransom is paid. It spreads through redirecting victims to malware web resource from legitimate news websites. Where a victim downloads a fake Adobe Flash installer from infected websites and manually launch the .exe file.

Impact:
Once the Adobe Flash is downloaded, the virus will affect the machine and encrypt the files, then replaces the Master Boot Record (MBR). Files will not be decrypted unless you pay the ransom.

Recommendations:
  • Ensure that the firewall and other security devices are up to date.
  • Keep your operating system Up-to-date.
  • Keep your Antivirus software up-to-date.
  • Backup Regularly: To always have a tight grip on all your important files and documents, keep a good backup routine in place that makes their copies to an external storage device that is not always connected to your PC.
  • Beware of web Phishing: Always be suspicious to download contents from untrusted websites and never click on links inside those websites unless verifying the source.
References:


  • News Archive