Home Malware Programs Ransomware Rabbit Ransomware

Rabbit Ransomware

Posted: March 25, 2019

The Rabbit Ransomware is a screen-locker Trojan that blocks your Windows UI with a pop-up. The window demands a ransom in cryptocurrency for the unlocking code, although, since users can input the solution freely, there's no need of paying. Malware experts recommend uninstalling the Rabbit Ransomware in Safe Mode with appropriate anti-malware services after disabling the threat's attack.

Trojans Hopping onto Your Monitor – and Staying There

The category of threats identifiable as screen-locking Trojans lacks the overt damage to files and data that a more in-depth competitor, like a traditional Ransomware-as-a-Service family such as Crysis, could inflict. However, for users without any preparation or forewarning, screen-locking Trojans can be just as good at bringing one's computer use to a halt until the victim surrenders their money. The Rabbit Ransomware, an independent Trojan, is one of the newest of these threats that malware analysts are confirming.

The Rabbit Ransomware is a Windows program that, appropriately, pretends that it's a component of the OS for tricking users into clicking it. After it runs, the Rabbit Ransomware launches an advanced HTML or HTA pop-up with white text on a blue background, a countdown that alerts you of the upcoming deletion of your files, and a password field. The Rabbit Ransomware asks for a cryptocurrency payment through Bitcoin or Ethereum for giving victims the code for removing the Rabbit Ransomware's window, and at much cheaper rates than traditional: roughly twenty dollars.

Like the majority of non-professional Trojan campaigns, the Rabbit Ransomware, however, uses insufficient security for its unlocking routine. Entering 'RabbCompany66' should remove this window, in current versions of the Rabbit Ransomware. In other cases, malware experts suggest restarting in Safe Mode or using a USB-loaded OS for getting access to Windows without the Trojan's pop-up blocking your interface.

The Update with Furry Extras Inside

The author of the Rabbit Ransomware is pretending that the Trojan is a 'Windows Service Update' for his distribution purposes. Fake software updates are tactics that can circulate throughout compromised advertising networks and corrupted domains and may include additional issues, such as exploit kits that are triggering downloads automatically. Disabling vulnerable features like JavaScript, if possible, update all software regularly, and avoid patches that aren't from authentic sources for keeping your browser and computer safe.

The Rabbit Ransomware uses a static or hard-coded password, but many Trojans use dynamic information for keeping their payloads secure from any victim-side solutions. Although the Rabbit Ransomware does no more than blocking the user interface, it may include other attacks, such as file deletion, in its future releases. An acceptable minority of anti-malware products are detecting the threat's current installer, and malware experts recommend such software for removing the Rabbit Ransomware, ordinarily.

The Rabbit Ransomware is bouncing its way over to a minor profit margin, but one that may be more tempting for its affordability. Falling prey to criminals over easily-avoided UI obstacles, however, never is to your benefit.

Related Posts

Loading...