Bad Rabbit Ransomware Strikes Targets in Eastern Europe

In yet another widespread ransomware attack, Eastern European countries saw an assortment of their critical establishments and infrastructures struck by an infection known as Bad Rabbit. Government buildings, media establishments, and transportation centers were among the targets of this attack.

Focused in Russia and Ukraine but also spotted in Bulgaria, Germany, and Turkey, Bad Rabbit shut down Russia’s Interfax Agency--a major news outlet--as well as Ukraine’s Kiev Metro, the Odessa International Airport, and both the Ministry of Infrastructure and the Ministry of Finance. The attack on Kiev Metro was found to leverage Diskcoder.D, yet another variant of the infamous Petya ransomware.

Fortunately, there is a considerably smaller chance of Bad Rabbit repeating what WannaCry managed to accomplish during its spread across Europe and, to a lesser extent, North America. This is because, instead of relying on a worm as WannaCry did, Bad Rabbit uses a Server Message Block (SMB) vulnerability called EternalRomance to spread, after being downloaded while disguised as an Adobe Flash installer on legitimate websites. It would also appear that Bad Rabbit and NotPetya (another significant ransomware attack) were deployed by the same threat actor, as 67 percent of their codebases are the same.

There is also evidence that this threat actor is a Game of Thrones fan, as the code strings used in Bad Rabbit include character names from the novels and television series.

Unfortunately, Bad Rabbit should not have been able to spread as far as it has, as Microsoft released a patch for EternalRomance in March, when the EternalBlue vulnerability was also patched. This makes this attack yet another example of why it is crucial to install patches and updates when they are released--if the organizations affected by Bad Rabbit had done so, they would not be in the position they are now.

Celera Networks can help you make sure that your systems are not left vulnerable to attacks like this by managing your patches and updates for you. Reach out by calling (617) 375-9100 for more information.



Monday, 20 November 2017
