Richmond Home

Bad Rabbit Ransomware

10/25/17

This is an important message to all University of Richmond community members. Please be aware that there is a new ransomware threat making its way through the internet by posing as a Flash Update. It is called Bad Rabbit, and is being reported via news outlets. This program, if executed, encrypts your files and then encrypts your file system, which leaves you with a ransom lock screen that is displayed before Windows starts; usually with a requirement that you have to pay to have your hard drive unencrypted.

We have not had any reported cases of this ransomware being active at the University of Richmond at this time. Information Services proactively patches and updates University computer systems on a regular basis. However, we do recommend that all community members with home computer systems run the latest Windows Updates as soon as possible.

Pease remember, never click on links within emails unless you know for a fact that it is from a trusted source. You can always verify the integrity of the link by hovering your mouse over the link to see the exact address of the link destination. For instance, if the link says Fedex, but the address is NOT www.Fedex.com it is likely some form of malware.

Sources

https://www.us-cert.gov/ncas/current-activity/2017/10/24/Multiple-Ransomware-Infections-Reported

https://www.bleepingcomputer.com/news/security/small-amount-of-bad-rabbit-ransomware-victims-detected-in-the-usa/