'Bad Rabbit Attack' Scam
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 11,490 |
| Threat Level: | 100 % (High) |
| Infected Computers: | 61 |
| First Seen: | October 25, 2017 |
| Last Seen: | September 1, 2023 |
| OS(es) Affected: | Windows |
The 'Bad Rabbit Attack' scam is a campaign on the Internet that disseminates misleading information via newly registered sites and directs PC users to call a computer support desk on 844-539-5778. Computer security researchers have received reports that the 'Bad Rabbit Attack' pop-up windows are generated within the browsers of PC users and promote HelpDesk services on the 844-539-5778 toll-free phone line. The 'Bad Rabbit Attack' scam is produced by con artists and uses references to the BadRabbit Ransomware, which emerged at the end of October 2017. The 'Bad Rabbit Attack' pop-up messages are observed to include images and logos taken from the BadRabbit Ransomware campaign. The con artists behind the 'Bad Rabbit Attack' scam are using visual elements from real cyber-threats to increase the credibility of the fake security warnings shown to Web surfers. The text on the 'Bad Rabbit Attack' alerts read:
'Windows Has Detected a BAD RABBIT ATTACK !! On Your System
Do Not Shutdown or Restart Your Computer
Contact Windows Certified Technicians For Immediate Assistance
** YOUR COMPUTER HAS BEEN BLOCKED **
Windows Has Detected a BAD RABBIT ATTACK !! On Your System
> Facebook Logins
> Credit Card Details
> Email Account Login
> Photos stored on this computer
You must contact us immediately so that our engineers can walk you through the removal process over the phone. Please call us within the next 5 minutes to prevent your computer from being disabled.
Call: 1-844-539-5778'
The sites used to load the misleading Windows warnings are likely to include a script that prevents Web surfers from leaving them, switching tabs, accessing bookmarks, as well as closing the browser. However, you should note that the Task Manager can be used to kill the browser's process directly. The 'Bad Rabbit Attack' pop-up windows may be displayed in full-screen mode, and an audio recording may be played in the background. Microsoft Corp. is not associated with the company that manages the 844-539-5778 toll-free phone line. The latest versions of Windows, as well as the older versions, are not configured to produce virus alerts in the browser. You should not trust the 'Bad Rabbit Attack' messages, and you should make sure to incorporate a trusted anti-malware shield to your system. You may want to help Internet browser, and security vendors block access to the untrusted pages utilized in the 'Bad Rabbit Attack' scam by reporting questionable resources you find online. Tips on how to report a page can be found below:
- Edge: Open the browser's menu and click 'Send Feedback' then choose 'Report site issue,' enter the URL and add a short explanation about your experience.
- Internet Explorer 11: Click on the gear icon, chose 'Safety' and then click 'Report unsafe site,' in the pop-up window mark the category of the site and complete the CAPTCHA challenge.
- Google Chrome: Click on the three dots icon, mark 'Help' and chose 'Report an issue.' You can add a few sentences as a comment and click 'Send.'
- Mozilla Firefox: Open the browser's menu and navigate to 'Help' (the question mark icon) and click on 'Report Deceptive Site.'
- Opera: Click on the site's badge located in the URL bar and click 'Details' then load the 'Fraud and Malware Protection' tab and click 'Report Site.'
SpyHunter Detects & Remove 'Bad Rabbit Attack' Scam
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | Endermanch@BadRabbit.exe | fbbdc39af1139aebba4da004475e8839 | 25 |
| 2. | 579fd8a0385482fb4c789561a30b09f25671e86422f40ef5cca2036b28f99648 | 1d724f95c61f1055f0d02c2154bbccd3 | 3 |
| 3. | file.exe | fa1f941b8fb0492f33d6902f02d55b97 | 0 |
| 4. | file.exe | 34c8ca24bace33c90459364ae8cfebd2 | 0 |
| 5. | file.exe | 3cb5717501a26fc7b110c5e5c95865ae | 0 |
| 6. | file.exe | 7b5b089320d83de636b9befa84c47c3e | 0 |
