النسخة العربية

Oman National CERT Towards a safe cyber environment

Oman Cybersecurity CTF competition

Oman Cybersecurity CTF competition

ARCC in collaboration with Cyber Talents are organizing "Oman Cybersecurity CTF competition" hosted by ITA through Oman National CERT.

View

" Red Chungu" Training

For the first time in Oman ARCC is conducting the "Red Chungu" Training in Oman from 15 Oct 2017 to 19 Oct 2017

View
6th Regional Cyber Security Summit

6th Regional Cyber Security Summit

Date : 20th to 21st November 2017 ... Location : Sheraton Oman Hotel, Muscat

View
4th Oman National Cyber Drill

4th Oman National Cyber Drill

Date :23rd – 25th , October, 2017 ... Location : Grand Hormuz Hotel, Muscat

View
OIC-CERT Annual Conference 2017

OIC-CERT Annual Conference 2017

Date : 6 – 9 November 2017 ... Location : Baku, Azerbaijan

View

Media Center

Share it

Online Incidents Report
Request OCERT Services
Information Security Glossary

OCERT News

 

Bad Rabbit Ransomware

OCERT Latest News

26/Oct/2017


This is a Threat Notification and Alert Service (TNAS) from the Oman National CERT (OCERT). This is an advisory about a new type of Ransomware called (Bad Rabbit) which has been found spreading in Russia, Ukraine and elsewhere. The malware has affected systems at three Russian websites, an airport in Ukraine and an underground railway in the capital city, Kiev.

  • Severity: High
  • Date: October 25, 2017
  • Advisory Title: Bad Rabbit Ransomware

What is Bad Rabbit Ransomware? 
“Bad Rabbit “is a new type of ransomware malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files unless a ransom is paid. It spreads through redirecting victims to malware web resource from legitimate news websites. Where a victim downloads a fake Adobe Flash installer from infected websites and manually launch the .exe file.

Impact:
Once the Adobe Flash is downloaded, the virus will affect the machine and encrypt the files, then replaces the Master Boot Record (MBR). Files will not be decrypted unless you pay the ransom.

Recommendations:
  • Ensure that the firewall and other security devices are up to date.
  • Keep your operating system Up-to-date.
  • Keep your Antivirus software up-to-date.
  • Backup Regularly: To always have a tight grip on all your important files and documents, keep a good backup routine in place that makes their copies to an external storage device that is not always connected to your PC.
  • Beware of web Phishing: Always be suspicious to download contents from untrusted websites and never click on links inside those websites unless verifying the source.
References:


  • News Archive