Bad Rabbit Ransomware Strikes Targets in Eastern Europe

In yet another widespread ransomware attack, Eastern European countries saw an assortment of their critical establishments and infrastructures struck by an infection known as Bad Rabbit. Government buildings, media establishments, and transportation centers were among the targets of this attack.

Focused in Russia and Ukraine but also spotted in Bulgaria, Germany, and Turkey, Bad Rabbit shut down Russia’s Interfax Agency--a major news outlet--as well as Ukraine’s Kiev Metro, the Odessa International Airport, and both the Ministry of Infrastructure and the Ministry of Finance. The attack on Kiev Metro was found to leverage Diskcoder.D, yet another variant of the infamous Petya ransomware.

Fortunately, there is a considerably smaller chance of Bad Rabbit repeating what WannaCry managed to accomplish during its spread across Europe and, to a lesser extent, North America. This is because, instead of relying on a worm as WannaCry did, Bad Rabbit uses a Server Message Block (SMB) vulnerability called EternalRomance to spread, after being downloaded while disguised as an Adobe Flash installer on legitimate websites. It would also appear that Bad Rabbit and NotPetya (another significant ransomware attack) were deployed by the same threat actor, as 67 percent of their codebases are the same.

There is also evidence that this threat actor is a Game of Thrones fan, as the code strings used in Bad Rabbit include character names from the novels and television series.

Unfortunately, Bad Rabbit should not have been able to spread as far as it has, as Microsoft released a patch for EternalRomance in March, when the EternalBlue vulnerability was also patched. This makes this attack yet another example of why it is crucial to install patches and updates when they are released--if the organizations affected by Bad Rabbit had done so, they would not be in the position they are now.

Computerware can help you make sure that your systems are not left vulnerable to attacks like this by managing your patches and updates for you. Reach out by calling (703) 821-8200 for more information.
