A new type of ransomware named “Bad Rabbit” is sweeping through Russia and Ukraine.
According to Kaspersky Lab, the ransomware dropper is distributed via drive-by attacks.
While a user is visiting a legitimate but compromised website, a malware dropper is downloaded and disguised as an Adobe Flash installer.
The downloaded file is named “install_flash_player.exe” and needs to be manually launched by the victim.
“Our observations suggest this is a targeted attack against corporate networks, using methods similar to those used during the ExPetr attack,” said Kaspersky.
A screenshot of an infected system is below.