This website uses cookies in order to offer you the most relevant information. Please accept cookies for the most optimal performance. 

Blog

Computerware Blog

Computerware has been serving the Vienna area since 1976, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Bad Rabbit Ransomware Strikes Targets in Eastern Europe

Bad Rabbit Ransomware Strikes Targets in Eastern Europe

In yet another widespread ransomware attack, Eastern European countries saw an assortment of their critical establishments and infrastructures struck by an infection known as Bad Rabbit. Government buildings, media establishments, and transportation centers were among the targets of this attack.

Focused in Russia and Ukraine but also spotted in Bulgaria, Germany, and Turkey, Bad Rabbit shut down Russia’s Interfax Agency--a major news outlet--as well as Ukraine’s Kiev Metro, the Odessa International Airport, and both the Ministry of Infrastructure and the Ministry of Finance. The attack on Kiev Metro was found to leverage Diskcoder.D, yet another variant of the infamous Petya ransomware.

Fortunately, there is a considerably lesser chance of Bad Rabbit repeating what WannaCry managed to accomplish during its spread across Europe and, to a lesser extent, North America. This is because, instead of relying on a worm as WannaCry did, Bad Rabbit uses a server message block vulnerability called EternalRomance to spread, after being downloaded while disguised as an Adobe Flash installer on legitimate websites. It would also appear that Bad Rabbit and NotPetya (another significant ransomware attack) were deployed by the same threat actor, as 67 percent of their codebases are the same.

There is also evidence that this threat actor is a Game of Thrones fan, as the code strings used in Bad Rabbit include character names from the novels and television series.

Unfortunately, Bad Rabbit should not have been able to spread as far as it has, as Microsoft released a patch for EternalRomance in March, when the EternalBlue vulnerability was also patched. This makes this attack yet another example of why it is crucial to install patches and updates when they are released--if the organizations affected by Bad Rabbit had done so, they would not be in the position they are now.

Computerware can help you make sure that your systems are not left vulnerable to attacks like this by managing your patches and updates for you. Reach out by calling (703) 821-8200 for more information.

Tip of the Week: It’s Easy to Color-Code Your Goog...
Security Should Come In Two Parts
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 21 November 2024

Captcha Image

News & Updates

Computerware is proud to announce the launch of our new website at ww.cwit.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what Computerware can do for your business.

Computerware, Inc.
8480 Tyco Road Suite I
Vienna, Virginia 22182

Copyright Computerware. All Rights Reserved.