Horne & Benik Networks Blog

Horne & Benik Networks has been serving the Marlborough area since 1991, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Bad Rabbit Ransomware Strikes Targets in Eastern Europe

Bad Rabbit Ransomware Strikes Targets in Eastern Europe

In yet another widespread ransomware attack, Eastern European countries saw an assortment of their critical establishments and infrastructures struck by an infection known as Bad Rabbit. Government buildings, media establishments, and transportation centers were among the targets of this attack.

Focused in Russia and Ukraine but also spotted in Bulgaria, Germany, and Turkey, Bad Rabbit shut down Russia’s Interfax Agency--a major news outlet--as well as Ukraine’s Kiev Metro, the Odessa International Airport, and both the Ministry of Infrastructure and the Ministry of Finance. The attack on Kiev Metro was found to leverage Diskcoder.D, yet another variant of the infamous Petya ransomware.

Fortunately, there is a considerably lesser chance of Bad Rabbit repeating what WannaCry managed to accomplish during its spread across Europe and, to a lesser extent, North America. This is because, instead of relying on a worm as WannaCry did, Bad Rabbit uses a server message block vulnerability called EternalRomance to spread, after being downloaded while disguised as an Adobe Flash installer on legitimate websites. It would also appear that Bad Rabbit and NotPetya (another significant ransomware attack) were deployed by the same threat actor, as 67 percent of their codebases are the same.

There is also evidence that this threat actor is a Game of Thrones fan, as the code strings used in Bad Rabbit include character names from the novels and television series.

Unfortunately, Bad Rabbit should not have been able to spread as far as it has, as Microsoft released a patch for EternalRomance in March, when the EternalBlue vulnerability was also patched. This makes this attack yet another example of why it is crucial to install patches and updates when they are released--if the organizations affected by Bad Rabbit had done so, they would not be in the position they are now.

Horne & Benik can help you make sure that your systems are not left vulnerable to attacks like this by managing your patches and updates for you. Reach out by calling (603) 499-4400 for more information.

Tip of the Week: It’s Easy to Color-Code Your Goog...
Security Should Come In Two Parts
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, 22 December 2024

Captcha Image

Mobile? Grab this Article

QR Code

Customer Login


News & Updates

Horne & Benik is proud to announce the launch of our new website at www.horne-benik.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what Horne & Benik can do for your business.

Horne & Benik
2 School Street - PO Box 305
Marlborough, New Hampshire 03455