Bad Rabbit Ransomware Strikes Targets in Eastern Europe

In yet another widespread ransomware attack, Eastern European countries saw an assortment of their critical establishments and infrastructures struck by an infection known as Bad Rabbit. Government buildings, media establishments, and transportation centers were among the targets of this attack.

Focused in Russia and Ukraine but also spotted in Bulgaria, Germany, and Turkey, Bad Rabbit shut down Russia’s Interfax Agency--a major news outlet--as well as Ukraine’s Kiev Metro, the Odessa International Airport, and both the Ministry of Infrastructure and the Ministry of Finance. The attack on Kiev Metro was found to leverage Diskcoder.D, yet another variant of the infamous Petya ransomware.

Fortunately, there is a considerably smaller chance of Bad Rabbit repeating what WannaCry managed to accomplish during its spread across Europe and, to a lesser extent, North America. This is because, instead of relying on a worm as WannaCry did, Bad Rabbit uses a Server Message Block (SMB) vulnerability called EternalRomance to spread, after being downloaded while disguised as an Adobe Flash installer on legitimate websites. It also appears that Bad Rabbit and NotPetya (another significant ransomware attack) were deployed by the same threat actor, as 67 percent of their codebases are the same.

There is also evidence that this threat actor is a Game of Thrones fan, as the code strings used in Bad Rabbit include character names from the novels and television series.

Unfortunately, Bad Rabbit should not have been able to spread as far as it has, as Microsoft released a patch for EternalRomance in March, when the EternalBlue vulnerability was also patched. This makes the attack yet another example of why it is crucial to install patches and updates when they are released--if the organizations affected by Bad Rabbit had done so, they would not be in the position they are in now.

Celera Networks can help you make sure that your systems are not left vulnerable to attacks like this by managing your patches and updates for you. Reach out by calling (617) 375-9100 for more information.



Wednesday, 17 January 2018