Malware Wiki

What is Bad Rabbit?[]

Bad Rabbit is a strain of Ransomware that first appeared in 2017 and is a suspected variant of Petya. Like other strains of ransomware, Bad Rabbit virus infections lock up victims’ computers, servers, or files preventing them from regaining access until a ransom is paid.

This is what it looks like[]

Bad Rabbit first appeared in 2017 and has similarities to ransomware strains called WannaCry and Petya.  

Disguised as an Adobe Flash installer, a Bad Rabbit attack spreads through drive-by downloads on compromised websites, meaning victims could be exposed to the virus simply by visiting a malicious or compromised website. The Bad Rabbit malware is embedded into websites using JavaScript injected into the site’s HTML code.

If a person clicks on the malicious installer, BadRabbit ransomware encrypts files and presents users with an austere black-and-red message. It reads in part: “If you see this text, your files are no longer accessible. You might have been looking for a way to recover your files. Don’t waste your time.”

The text demands around $280 in Bitcoin and gives a 40-hour deadline for payments to be made. Victims reported that making the payment did unlock their files, though this isn’t always the case in other ransomware attacks.

What it looks like