Bad Rabbit Ransomware Strikes Targets in Eastern Europe

In yet another widespread ransomware attack, Eastern European countries saw an assortment of their critical establishments and infrastructures struck by an infection known as Bad Rabbit. Government buildings, media establishments, and transportation centers were among the targets of this attack.

Focused in Russia and Ukraine but also spotted in Bulgaria, Germany, and Turkey, Bad Rabbit shut down Russia’s Interfax Agency--a major news outlet--as well as Ukraine’s Kiev Metro, the Odessa International Airport, and both the Ministry of Infrastructure and the Ministry of Finance. The attack on Kiev Metro was found to leverage Diskcoder.D, yet another variant of the infamous Petya ransomware.

Fortunately, there is a considerably smaller chance of Bad Rabbit repeating what WannaCry managed to accomplish during its spread across Europe and, to a lesser extent, North America. This is because, instead of relying on a worm as WannaCry did, Bad Rabbit uses a Server Message Block (SMB) vulnerability called EternalRomance to spread, after being downloaded while disguised as an Adobe Flash installer on legitimate websites. It would also appear that Bad Rabbit and NotPetya (another significant ransomware attack) were deployed by the same threat actor, as 67 percent of their codebases are the same.

There is also evidence that this threat actor is a Game of Thrones fan, as the code strings used in Bad Rabbit include character names from the novels and television series.

Unfortunately, Bad Rabbit should not have been able to spread as far as it has, as Microsoft released a patch for EternalRomance in March, when the EternalBlue vulnerability was also patched. This makes this attack yet another example of why it is crucial to install patches and updates when they are released--if the organizations affected by Bad Rabbit had done so, they would not be in the position they are now.

Celera Networks can help you make sure that your systems are not left vulnerable to attacks like this by managing your patches and updates for you. Reach out by calling (617) 375-9100 for more information.



Sunday, 18 March 2018
