October 25, 2017

iTecs Protected Customers from BadRabbit ransomware

iTecs Protected Customers from the Badrabbit ransomware at zero hour

There is a new wave of ransomware attacks, #BadRabbit, launched on October 24th, that has hit the market worldwide.  The attacks originated in Ukraine and Russia, and have spread and affected critical infrastructures.

Our Elite Antivirus Software Suite detected this at zero hour, as early as July 2017, three months before this ransomware hit prime-time, October 24th. The Elite suite features tunable machine learning models. This particular model that detected BadRabbit was created in April 2017, which goes to show the prediction power of iTecs partner's well-crafted machine learning models.

We all know that ransomware or malware can strike companies well before it becomes widespread. Ensure your organization is protected at zero hour. Our Elite Antivirus  Suite is the solution for your organization!

Learn more about how we can help protect your computers at our Total Security Managed Antivirus page.

What we know so far

Bad Rabbit is extremely similar with GoldenEye / NotPetya both structurally and as a broader focus. It targets Ukrainian critical infrastructure and is highly viral due to its implementation of Mimikatz which lets it move from one infected workstation to another across an organization. It also features disk encryption via the DiskCryptor driver so it can interfere with the normal boot process and prevent the computer from starting up.

Game of Thrones characters referenced in the sample.

Last, but not least, while the ransomware component references Game of Thrones characters, it also has a process hashing routine extremely similar to what GoldenEye used to verify what security solutions were installed locally prior to encrypting the MBR.

Latest Posts

July 16, 2021

Why End Point Detection (EDR) Offers Better Security

The rate at which new threats are being identified proves the inadequacy of traditional anti-virus software as a singular security measure. Considering its powerful and comprehensive threat-detecting abilities, SentinelOne proves to be a clear winner in any environment.

Read More
July 12, 2021

What is a Crypto Wallet and How to Secure it

There are various types of cryptocurrency wallets. The three prominent are offline, online, and those held by a custodian. Before we explain the differences between the three, it's important to note that a custodian, in this context, is an entity that holds your private key. Next, we'll go into what a private key is but first, let's dive deeper into the three types.‍

Read More
July 7, 2021

How to better defend against cyberattacks

The first and most crucial thing any company can do to reduce the likelihood of a cyberattack is to train their employees about cyberthreats and how to recognize them. This may seem obvious and intuitive, but the fact of the matter is that human error accounts for a large percentage of successful cyberattacks.

Read More

You have questions, we have answers

What can we help you with?