Another malware attack using the embattled Adobe Flash Player has been spotted. It’s known as the Bad Rabbit, and it’s been striking companies throughout Russia and Eastern Europe. Bad Rabbit spreads through infected websites to the computers and devices of innocent victims.
According to an intelligence team with Cisco, the threat will redirect victims to a site called 1dnscontrol.com, which hosts malicious files. Once there, victims are held hostage and are ordered to pay 0.05 bitcoins or $282 for the return of their files.
When the computer within the network is infected, it quickly spreads through the organization where there’s little chance for it to be noticed. This kind of ransomware has been seen in many countries – usually occurring within organizations in Russia and the Ukraine.
Another possible problem was tied to Adobe Flash Player, placing all computer users in danger. The group, BlackOasis, targets victims using Microsoft Office documents. To combat the problem, Adobe created and released a security update for its Flash Player program for all systems – Windows, Mac, Linux and Chrome OS.
Kaspersky Labs was the company to find the vulnerability and let Adobe know of the problem. Although Adobe is phasing its Flash Player out in 2020, it will still need to address threats until then.
Many people are choosing to forgo the plug-in for other programs, mainly because cybercriminals are exploiting the security flaws the program has. In fact, people have been disabling the plug-in their browsers, as the flaws affect both companies and individuals.
According to Kaspersky Labs, once Adobe Flash Player has been installed on a computer, the malware will have control over it. It connects to the control and command servers located in the Netherlands, Switzerland and Bulgaria, waiting on instructions before the data is extracted.
This kind of critical vulnerability is what cybercriminals are using to infect victims’ computers without their knowledge.
Adobe said it knows about the problem but suggests that it’s only targeting computers with the Windows OS software. Kaspersky Labs has been advising users to disconnect the Flash Player to protect themselves from the threat.
There have been three cases where attacks, using the 0-day exploit have occurred in 2017. To protect yourself, disable your Flash Player today.
