New ransomware called Bad Rabbit is taking over computers across Europe.
It’s locking users out of their machines and demanding money from them, but security experts are warning people not to pay up.
It’s currently unclear if infected computers can be fully restored, but there are ways to protect yourself from the cyber attack.
The criminals behind Bad Rabbit are tricking people into infecting themselves, by disguising the malware as an Adobe Flash installer and planting it on legitimate websites that have been compromised.
According to Kaspersky Lab, all of these are news or media sites.
Unsuspecting targets are downloading and installing the malicious software, which proceeds to encrypt all of their files, making them impossible to access.
Adobe Flash Player has long been a favourite of cyber criminals, who either keep finding security holes in the software, which they can use to attack users, or disguise malware as the Flash Player installer.
It’s being killed off in 2020, but users can protect themselves by disabling it altogether and ignoring installer prompts.
I can confirm - Vaccination for #badrabbit:— Amit Serper (@0xAmit) October 24, 2017
Create the following files c:\windows\infpub.dat && c:\windows\cscc.dat - remove ALL PERMISSIONS (inheritance) and you are now vaccinated. :) pic.twitter.com/5sXIyX3QJl
Amit Serper, a security researcher at Cybereason, claims to have found a vaccine for the attack, which should completely prevent Bad Rabbit from infecting your computer.
Step-by-step instructions are available on Cybereason’s website.
Kaspersky Lab says it has found almost 200 targets so far, most of whom are located in Russia.
However, people in Ukraine, Turkey and Germany have also been affected.
Bad Rabbit is demanding 0.05 Bitcoin (£220) from victims – a fee that looks set to rise – in exchange for the restoration of their computers.
However, security experts always advise people against paying the ransom. This is because it encourages more attacks, and there's no guarantee the attackers will actually honour their word and remove the malware from your device.