October 25, 2017

iTecs Protected Customers from BadRabbit ransomware

iTecs Protected Customers from the Badrabbit ransomware at zero hour

There is a new wave of ransomware attacks, #BadRabbit, launched on October 24th, that has hit the market worldwide.  The attacks originated in Ukraine and Russia, and have spread and affected critical infrastructures.

Our Elite Antivirus Software Suite detected this at zero hour, as early as July 2017, three months before this ransomware hit prime-time, October 24th. The Elite suite features tunable machine learning models. This particular model that detected BadRabbit was created in April 2017, which goes to show the prediction power of iTecs partner's well-crafted machine learning models.

We all know that ransomware or malware can strike companies well before it becomes widespread. Ensure your organization is protected at zero hour. Our Elite Antivirus  Suite is the solution for your organization!

Learn more about how we can help protect your computers at our Total Security Managed Antivirus page.

What we know so far

Bad Rabbit is extremely similar with GoldenEye / NotPetya both structurally and as a broader focus. It targets Ukrainian critical infrastructure and is highly viral due to its implementation of Mimikatz which lets it move from one infected workstation to another across an organization. It also features disk encryption via the DiskCryptor driver so it can interfere with the normal boot process and prevent the computer from starting up.

Game of Thrones characters referenced in the sample.

Last, but not least, while the ransomware component references Game of Thrones characters, it also has a process hashing routine extremely similar to what GoldenEye used to verify what security solutions were installed locally prior to encrypting the MBR.

Latest Posts

January 7, 2021

Protecting Your Company Against Ransomware

Ransomware is becoming more common due to the success the creators are enjoying due to the improvement of their methods. What were once simple text-based phishing emails are becoming very realistic looking “corporate” fakes.

Read More
December 28, 2020

G Suite VS Office 365

G-Suite or Office 365 this is the question that has stumped small to medium-sized business owners for years. Now businesses are looking to move into the cloud and need to know where to start and who to use. Some of the most important factors to consider are security, integration, functionality, and usability.

Read More
November 12, 2020

Why You Should Use a Password Manager, and How to Get Started

The majority of people use weak or reuse passwords on different websites. How can someone use a complex, unique password on all of the websites and applications you use? The answer is a password manager.

Read More

You have questions, we have answers

What can we help you with?