October 25, 2017

iTecs Protected Customers from BadRabbit ransomware

iTecs Protected Customers from the Badrabbit ransomware at zero hour

There is a new wave of ransomware attacks, #BadRabbit, launched on October 24th, that has hit the market worldwide.  The attacks originated in Ukraine and Russia, and have spread and affected critical infrastructures.

Our Elite Antivirus Software Suite detected this at zero hour, as early as July 2017, three months before this ransomware hit prime-time, October 24th. The Elite suite features tunable machine learning models. This particular model that detected BadRabbit was created in April 2017, which goes to show the prediction power of iTecs partner's well-crafted machine learning models.

We all know that ransomware or malware can strike companies well before it becomes widespread. Ensure your organization is protected at zero hour. Our Elite Antivirus  Suite is the solution for your organization!

Learn more about how we can help protect your computers at our Total Security Managed Antivirus page.

What we know so far

Bad Rabbit is extremely similar with GoldenEye / NotPetya both structurally and as a broader focus. It targets Ukrainian critical infrastructure and is highly viral due to its implementation of Mimikatz which lets it move from one infected workstation to another across an organization. It also features disk encryption via the DiskCryptor driver so it can interfere with the normal boot process and prevent the computer from starting up.

Game of Thrones characters referenced in the sample.

Last, but not least, while the ransomware component references Game of Thrones characters, it also has a process hashing routine extremely similar to what GoldenEye used to verify what security solutions were installed locally prior to encrypting the MBR.

Latest Posts

April 14, 2021

Leverage Someone Else’s Expertise And Keep Your Sanity

The thought of doing business solely on a cloud environment can sound overwhelming. From figuring out what it entails and what type of service or hardware will be needed to how to maintain and sustain that type of environment, the task seems daunting. Naturally, the first place to start is with a web search. How do I run my business virtually?

Read More
March 29, 2021

Is it considered ‘spying’ if you own the equipment?

The new way of doing business is electronically. The way we communicate and transact is mostly through a device, and even more so now in the days of Zoom meetings and virtual tours. Most employees cannot be efficient without a computer and a mobile device, and it is the responsibility of the company to ensure that they have all the proper tools to perform their jobs efficiently.

Read More
March 15, 2021

Does It Make Sense To Own Your Own Server?

Two of the most common reasons for opting out of owning hardware are maintenance and life span. Technology is constantly evolving and servers can quickly need hardware updates or become obsolete. It is crucial to compare the cost of owning the equipment, maintenance, and upgrades versus the cost of operating in a virtually hosted environment.

Read More

You have questions, we have answers

What can we help you with?