October 25, 2017

iTecs Protected Customers from BadRabbit ransomware

iTecs Protected Customers from the Badrabbit ransomware at zero hour

There is a new wave of ransomware attacks, #BadRabbit, launched on October 24th, that has hit the market worldwide.  The attacks originated in Ukraine and Russia, and have spread and affected critical infrastructures.

Our Elite Antivirus Software Suite detected this at zero hour, as early as July 2017, three months before this ransomware hit prime-time, October 24th. The Elite suite features tunable machine learning models. This particular model that detected BadRabbit was created in April 2017, which goes to show the prediction power of iTecs partner's well-crafted machine learning models.

We all know that ransomware or malware can strike companies well before it becomes widespread. Ensure your organization is protected at zero hour. Our Elite Antivirus  Suite is the solution for your organization!

Learn more about how we can help protect your computers at our Total Security Managed Antivirus page.

What we know so far

Bad Rabbit is extremely similar with GoldenEye / NotPetya both structurally and as a broader focus. It targets Ukrainian critical infrastructure and is highly viral due to its implementation of Mimikatz which lets it move from one infected workstation to another across an organization. It also features disk encryption via the DiskCryptor driver so it can interfere with the normal boot process and prevent the computer from starting up.

Game of Thrones characters referenced in the sample.

Last, but not least, while the ransomware component references Game of Thrones characters, it also has a process hashing routine extremely similar to what GoldenEye used to verify what security solutions were installed locally prior to encrypting the MBR.

Latest Posts

October 11, 2020

Useful PowerShell Commands (CMDs) and Scripts For Windows 2016 & 2019 Server

Useful Windows 2016 and 2019 Server PowerShell Commands (CMDs) and Scripts

Read More
October 1, 2020

How can RMM tools help your company?

How can Remote Monitoring and Management (RMM) tools help your company?

Read More
July 21, 2020

The Reality Of Permanently Working From Home

Read More

You have questions, we have answers

What can we help you with?