'Bad Rabbit Attack' Scam

'Bad Rabbit Attack' Scam Description

The 'Bad Rabbit Attack' scam is a campaign on the Internet that disseminates misleading information via newly registered sites and directs PC users to call a computer support desk on 844-539-5778. Computer security researchers have received reports that the 'Bad Rabbit Attack' pop-up windows are generated within the browsers of PC users and promote HelpDesk services on the 844-539-5778 toll-free phone line. The 'Bad Rabbit Attack' scam is produced by con artists and uses references to the BadRabbit Ransomware, which emerged at the end of October 2017. The 'Bad Rabbit Attack' pop-up messages are observed to include images and logos taken from the BadRabbit Ransomware campaign. The con artists behind the 'Bad Rabbit Attack' scam are using visual elements from real cyber-threats to increase the credibility of the fake security warnings shown to Web surfers. The text on the 'Bad Rabbit Attack' alerts read:

'Windows Has Detected a BAD RABBIT ATTACK !! On Your System
Do Not Shutdown or Restart Your Computer
Contact Windows Certified Technicians For Immediate Assistance

Windows Has Detected a BAD RABBIT ATTACK !! On Your System
> Facebook Logins
> Credit Card Details
> Email Account Login
> Photos stored on this computer
You must contact us immediately so that our engineers can walk you through the removal process over the phone. Please call us within the next 5 minutes to prevent your computer from being disabled.
Call: 1-844-539-5778'

The sites used to load the misleading Windows warnings are likely to include a script that prevents Web surfers from leaving them, switching tabs, accessing bookmarks, as well as closing the browser. However, you should note that the Task Manager can be used to kill the browser's process directly. The 'Bad Rabbit Attack' pop-up windows may be displayed in full-screen mode, and an audio recording may be played in the background. Microsoft Corp. is not associated with the company that manages the 844-539-5778 toll-free phone line. The latest versions of Windows, as well as the older versions, are not configured to produce virus alerts in the browser. You should not trust the 'Bad Rabbit Attack' messages, and you should make sure to incorporate a trusted anti-malware shield to your system. You may want to help Internet browser, and security vendors block access to the untrusted pages utilized in the 'Bad Rabbit Attack' scam by reporting questionable resources you find online. Tips on how to report a page can be found below:

  • Edge: Open the browser's menu and click 'Send Feedback' then choose 'Report site issue,' enter the URL and add a short explanation about your experience.
  • Internet Explorer 11: Click on the gear icon, chose 'Safety' and then click 'Report unsafe site,' in the pop-up window mark the category of the site and complete the CAPTCHA challenge.
  • Google Chrome: Click on the three dots icon, mark 'Help' and chose 'Report an issue.' You can add a few sentences as a comment and click 'Send.'
  • Mozilla Firefox: Open the browser's menu and navigate to 'Help' (the question mark icon) and click on 'Report Deceptive Site.'
  • Opera: Click on the site's badge located in the URL bar and click 'Details' then load the 'Fraud and Malware Protection' tab and click 'Report Site.'

Technical Information

File System Details

'Bad Rabbit Attack' Scam creates the following file(s):
# File Name Size MD5 Detection Count
1 install_flash_player.exe 441,899 fbbdc39af1139aebba4da004475e8839 6
2 infub.dat 410,760 1d724f95c61f1055f0d02c2154bbccd3 0
3 dispci.exe 142,848 b14d8faf7f0cbcfad051cefe5f39645f 0
4 file.exe 419,401 fa1f941b8fb0492f33d6902f02d55b97 0
More files

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.